Ransomware Hits Center for Orthopedics (COS), California
First, offices and organizations, then crypto exchanges, government authorities, agencies, and now healthcare. Ransomware attacks have now targeted the healthcare sector. Looks like the whole world is being compromised by just a few. Let’s read more about the news.
Recently in California, Center for Orthopedics Specialists (COS) was compromised by a ransomware attack, which resulted in the leak of personal information of the patient’s. Around 85,000 records of patients were exposed. The center confirmed the news about the attack.
According to the center, three facilities were affected by this attack that includes, West Hills, Simi Valley, and Westlake Village in California.
Some malicious software was used by the actors to execute this. It was used to gain access and encrypt patient’s data. In return, the attackers are demanding ransom to decrypt the data.
However, as of now for prevention, COS is informing all the patients whose data was stored on the system that was attacked. Healthcare provider has already sent a letter as a notification to all the current and former patients as well.
What Exactly Happened?
There is a third-party IT vendor, who provides COS with security and technological services informed the healthcare organization about the attack.
According to them, an unauthorized party illegitimately tried to gain access to the records. This attack might be similar to the attack that took place earlier this month in Atlanta, in which computer networks were hacked for ransom.
Also Read : 5 Best Ransomware Protection Tools For Windows
What Information Was Exposed?
As said, 85000 patient records were exposed to actors, which included their personal information, and details of their medical records.
On this COS confirmed in a statement that,
“The patient data that was encrypted by the unauthorized party could have included a patient’s name, date of birth, details about their medical records, and Social Security number. To the best of our knowledge, no patient information was downloaded or removed by the unauthorized party”.
What Actions Are Being Taken?
COS is currently working with their IT vendor. As soon as they got to know about the attack, affected systems were taken offline permanently, before any further information gets exposed and deleted. Federal Law Enforcement Agency was also notified about the attack.
Plus, COS has already notified current as well as former patients affected by the incident through notification letter.
The company is now providing affected patients with complimentary 2-year identity protection service. COS is working with IT vendor to recover and decrypt the data. Hope they do it soon.
If you found this helpful, please let us know. You can also drop your feedback in the comment section below.