The Alabama Cardiovascular Group (ACG) began notifying nearly 280,500 current and past patients, physicians and employee that hackers stole their sensitive information.
ACG has about two dozen physicians and said it became aware on July 2nd that an unauthorized party accessed its computer network, resulting in its network being severed from the internet. An investigation determined that threat actors accessed internal systems between June 6 and July 2, 2024.
The information impacted by the incident varies by individuals but may include:
SSNs, Health insurance information and claims, Usernames and passwords, Payment cards, Bank account information, Dates of medical services, Diagnoses, Medications, Images, Lab results, Other treatment information.
Steve Hahn, Executive VP, BullWall:
“It is a matter of when, not if, public facing companies will experience a breach and often, a full on Ransomware Attack. Prevention tools that exist today are not enough, as is evidenced by these ongoing attacks. Medical groups and hospitals have become a favorite for these attacks this past year. In fact, the ransomware group ALPHV (Blackcat) told the FBI, after the FBI claimed falsely that they “took down” the group, that they would now focus all of their efforts on US healthcare organizations. This attack does not mention a ransom demand, but once you have been breached and data exfiltrated, the damage can be just as severe.
“Organizations can no longer rely solely on prevention. They have to have containment and mitigation strategies in place. They can continue to work to try to stop them, but they have to also plan on the inevitable and work out rapid Ransomware “containment” and mitigation strategies as well as plans for how to rebuild after the event.”
This is yet another example of a health care organization being pwned by hackers. At this point, it should be beyond clear that more needs to be done to ensure that these organizations are not easy targets for threat actors.
Related
This entry was posted on August 20, 2024 at 8:53 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Alabama Cardiovascular Group Pwned By Hackers With Patient Data Being Swiped
The Alabama Cardiovascular Group (ACG) began notifying nearly 280,500 current and past patients, physicians and employee that hackers stole their sensitive information.
ACG has about two dozen physicians and said it became aware on July 2nd that an unauthorized party accessed its computer network, resulting in its network being severed from the internet. An investigation determined that threat actors accessed internal systems between June 6 and July 2, 2024.
The information impacted by the incident varies by individuals but may include:
SSNs, Health insurance information and claims, Usernames and passwords, Payment cards, Bank account information, Dates of medical services, Diagnoses, Medications, Images, Lab results, Other treatment information.
Steve Hahn, Executive VP, BullWall:
“It is a matter of when, not if, public facing companies will experience a breach and often, a full on Ransomware Attack. Prevention tools that exist today are not enough, as is evidenced by these ongoing attacks. Medical groups and hospitals have become a favorite for these attacks this past year. In fact, the ransomware group ALPHV (Blackcat) told the FBI, after the FBI claimed falsely that they “took down” the group, that they would now focus all of their efforts on US healthcare organizations. This attack does not mention a ransom demand, but once you have been breached and data exfiltrated, the damage can be just as severe.
“Organizations can no longer rely solely on prevention. They have to have containment and mitigation strategies in place. They can continue to work to try to stop them, but they have to also plan on the inevitable and work out rapid Ransomware “containment” and mitigation strategies as well as plans for how to rebuild after the event.”
This is yet another example of a health care organization being pwned by hackers. At this point, it should be beyond clear that more needs to be done to ensure that these organizations are not easy targets for threat actors.
Share this:
Like this:
Related
This entry was posted on August 20, 2024 at 8:53 am and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.