In 2019, we saw the most cases of ransomware attacks we’ve seen in a long time. However, in 2020, with the rise of COVID-19 and the vulnerabilities it brought, the numbers weren’t projected to improve-- and they didn’t.
By the end of November, more than a dozen large healthcare delivery organizations had been affected by cyberattacks. Two of these being in Florida. If large organizations are at risk of cyberattacks, it’s not hard to imagine that small businesses are just as vulnerable, if not more.
A cyberattack on Tampa’s Agency for Community Treatment Services, Inc. (ACTS) from October 21, 2020 was detected on October 23 when ransomware was deployed into their systems and encrypted data to prevent access. These systems contained patient names, dates of birth, Social Security numbers, and medical records holding information related to the services provided to patients between 2000 and 2013.
Due to the extensive efforts made by the attackers to conceal their activity the investigation did not uncover any concrete evidence to show patient data had been accessed or stolen. However, this is still a possibility.
ACTS was able to restore the encrypted data from backups and did not pay the ransom. Steps have continually been taken by ACTS post-breach to strengthen security and prevent further attacks along with providing complimentary credit monitoring and identity theft protection services to all affected individuals.
LEON MEDICAL CENTERS ATTACK
Another ransomware attack still being investigated was on Leon Medical Centers, a network of 8 medical centers in South Florida. Prior to deploying ransomware, the attackers threatened to publish patient information publicly if their ransom demands were not met. They claimed to have obtained over 1 million patients’ medical records, names, addresses, social security numbers, and even their photographs among other identifying information. This claim, however, was found to be exaggerated.
The attack, which occurred prior to December 23, 2020, is still under investigation and it is not clear if and how many people were affected.
PROLIANCE SURGEONS ATTACK
Proliance Surgeons in Seattle, WA has also suffered a cyberattack on their corporate website in which patient credit card information may have been obtained by the attackers. No other protected health information was involved and the credit card information at risk only belonged to patients who paid for their services online. The attackers had access to the website between November 13, 2019 and June 24, 2020 according to an investigation.
The cause of the breach has since been identified and addressed and a new website with a different payment platform has been implemented, which has superior security.
Proliance has coordinated with the major payment card providers to prevent unauthorized charges on the affected cards.
WHAT DOES THIS MEAN FOR US?
With the threat of COVID-19 not slowing down any time soon, these 2020 cyberattack trends are expected to carry over into 2021. Investing in extensive cyber security measures is crucial in order to keep individuals and organizations safe from malicious attacks such as these. Ransomware remains the biggest cybersecurity threat, a further reminder of the need for proactive security measures.
Visit our website www.wheelhouseit.com or give us a call at (877) 771-2384 to schedule a consultation with WheelHouse IT. Our network security solutions will help prevent malicious attacks from hacking to spamming to help keep your business and its data protected.
Click here https://get.wheelhouseit.com/cybersecurity-checklist for our Ultimate Cybersecurity Checklist. An easy-to-follow checklist that will allow you to increase your cybersecurity and protect your data and devices.