On Wednesday, Acadian confirmed that it was the victim of a cyberattack in late June that disrupted operations of certain computer systems, and, while the extent of the data theft has yet to be confirmed, ransomware group Daixin is threatening to leak sensitive medical information of 10 million patients on the dark web.
“Upon discovering the activity, our team responded quickly and strategically to lock down systems to prevent any further unauthorized activity and activated backup and redundancy systems to prevent disruption to patient care,” Acadian said.
Acadian was able to continue operating without disrupting patient care, but the investigation into the incident determined that threat actors did access a server containing patients’ protected health information, the company said.
Based on tables that appeared on Daixin’s leak site on Wednesday, the stolen database contains more than 11 million rows of patient records, including patient histories and cases involving suspected drug use, as well as more than 28,000 rows of employee information.
The group claims to have demanded a $7 million ransom but after weeks of negotiating, Acadian claimed it could only pay $173,000 while it attempts to raise more funds.
Emily Phelps, Director, Cyware had this to say:
“This incident underscores the critical need to protect sensitive health information. Healthcare organizations need to be enabled to adopt continuous monitoring, threat intelligence, and proactive security measures to safeguard against potential threats. Investing in advanced security technologies and fostering industry-wide collaboration are essential steps in enhancing the resilience of healthcare entities.”
Once again a healthcare organization has been pwned by threat actors, and the general public will suffer as a result. This should send a clear message that this is a sector that needs to double down on cyber defences to stop being a soft target for threat actors.
Like this:
Like Loading...
Related
This entry was posted on July 26, 2024 at 9:20 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Acadian Ambulance Confirms Cybercriminals Threaten To Leak Data Of 10 Million Patients
On Wednesday, Acadian confirmed that it was the victim of a cyberattack in late June that disrupted operations of certain computer systems, and, while the extent of the data theft has yet to be confirmed, ransomware group Daixin is threatening to leak sensitive medical information of 10 million patients on the dark web.
“Upon discovering the activity, our team responded quickly and strategically to lock down systems to prevent any further unauthorized activity and activated backup and redundancy systems to prevent disruption to patient care,” Acadian said.
Acadian was able to continue operating without disrupting patient care, but the investigation into the incident determined that threat actors did access a server containing patients’ protected health information, the company said.
Based on tables that appeared on Daixin’s leak site on Wednesday, the stolen database contains more than 11 million rows of patient records, including patient histories and cases involving suspected drug use, as well as more than 28,000 rows of employee information.
The group claims to have demanded a $7 million ransom but after weeks of negotiating, Acadian claimed it could only pay $173,000 while it attempts to raise more funds.
Emily Phelps, Director, Cyware had this to say:
“This incident underscores the critical need to protect sensitive health information. Healthcare organizations need to be enabled to adopt continuous monitoring, threat intelligence, and proactive security measures to safeguard against potential threats. Investing in advanced security technologies and fostering industry-wide collaboration are essential steps in enhancing the resilience of healthcare entities.”
Once again a healthcare organization has been pwned by threat actors, and the general public will suffer as a result. This should send a clear message that this is a sector that needs to double down on cyber defences to stop being a soft target for threat actors.
Share this:
Like this:
Related
This entry was posted on July 26, 2024 at 9:20 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.