Year 2017 is half way through, and internet security breach is perhaps one of the topics which has made the maximum headlines – of course after the usual news on political bickering. Just like the past year, this year too hackers have made the most of the fragile online infrastructure of the healthcare industry. In fact, the healthcare sector has emerged as one of the easiest targets for hacking due to its rather weak and obsolete security systems.
In the past six months, the top five healthcare breaches which shook the medical fraternity throughout the globe are:
1. ABCD Children’s Pediatrics
The San-Antonio based healthcare center was the target of the recent ransomware attack, which breached data of as many as 55,447 patients. On investigation, it was found that Dharma virus, a variant of the Crisis ransomware, had afflicted the files.
Medical records are often used for dark web dealings, pediatric patient records are high commodities in the dark web. The files which were affected by the recent attack included details like medical records, lab results, social security numbers, as well as procedure technology codes.
2. Harrisburg Gastroenterology
In March 2017, Harrisburg Gastroenterology noticed suspicious activity on their system which led to the compromise of 93,323 patient records. The incident pointed out the loopholes in the website maintenance, which made the Pennsylvania-based institute to notify its patients regarding the breach in data. Critical diagnostic, clinical, as well as insurance information was compromised in this case.
3. The National Health Service in England and Scotland
In case of hospitals under The National Health Service (NHS), it was the ransomware variant Wanna Decryptor which breached the private information. Wanna Decryptor is one of the most lethal ransomware variant on the dark web, which is why the damage caused was rather huge. The attack crippled the delivery of healthcare services in at least 16 organizations under the NHS. Patients were warned to avoid certain departments, ambulances were diverted, and worst of all, in many cases the hospital staff were unable to access patient data.
4. Molina Healthcare
Another major Medicaid and Affordable Care Act insurer, Molina Healthcare, had to shut down its patient portal due to security flaws. With a simple change in the URL, the portal provided easy access to all the medical claims data of patients. The breach made news due to the fact that the basic Security 101 flaw was not taken care of. Thus, even though the exposed data did not contain social security numbers, other details like disease, diagnosis, and other medically critical patient information were compromised.
5. Airway Oxygen
It was in April, that the ransomware attack hit the home medical equipment supplier Airway Oxygen. In this case, the hacker gained access to the network and hacked it in such a way that the employees were shut out from the system where the personal information of the patients was stored.
All these attacks only highlight the need for the healthcare sector to move towards better security measures and a proactive IT department which keeps a close watch on suspicious cyber activities. The time to act, is now!