Something new or an error by the hacker? Either way, replacing all that information will be costly and take a lot of time.
All of Desert Wells Family Medicine patients’ electronic health records were corrupted and unrecoverable from ransomware attack
On August 30, HHS added Queen Creek Medical Center d/b/a Desert Wells Family Medicine in Arizona to its public breach tool. The entity had reported that 35,000 patients were impacted by a breach involving a hack of the network.
We now have more details on that incident available thanks to a public disclosure of their notification and a copy of their letter to patients, both of which are linked from their web site.
According to their notification and letter, which was first spotted by Health ITSecurity, on May 21, 2021, Desert Wells experienced a ransomware incident that impacted many of its IT systems.
Investigation into the incident found no evidence that any sensitive data was exfiltrated, but
the unauthorized individual who accessed the network corrupted the data and patient electronic health records in Desert Wells’ possession prior to May 21, 2021 are unrecoverable despite our exhaustive efforts to try to recover our patients’ sensitive information.
The practice did have backups in place, but report that the backup data was also corrupted by the unauthorized individual.
It is not clear from the notification whether the threat actor was just incompetent at encrypting files or if the corruption of files and backup was intentional to pressure the entity into paying ransom to get a copy that the threat actor may have exfiltrated without it being detected by investigators.
Desert Wells makes no mention of any ransom demand or negotiations although they do describe the incident as a ransomware attack.
This information in the involved patient electronic health records may have included patients’ names in combination with their address, date of birth, Social Security number, driver’s license number, patient account number, billing account number, health insurance plan member ID, medical record number, dates of service, provider names, and medical and clinical treatment information.
Desert Wells’ notification gives a clue as to the massive task that lies ahead:
Desert Wells will continue to expend every effort to rebuild patients’ electronic health records in a new and enhanced electronic medical record system. This includes compiling our patients’ data from other sources, including from medical specialists, previous medical providers, hospitals, pharmacies, imaging centers, and labs, among others. We will request that patients update necessary forms during this process.
When you think about the enormity of the task, it may become clearer why Wood Ranch Medical decided to close their practice in similar circumstances.
In a companion letter to patients, Dr. Daniel Hoag addresses the matter forthrightly, informs patients that they are being offered credit monitoring and identity theft restoration services should they be needed, and ends the letter with a very human note:
We recognize this is an upsetting situation and, from my family to yours, sincerely apologize for any concern this may cause. I’m sure many of you have been reading about other healthcare providers in the community, and around the country, that have been impacted by cybersecurity events. For our part, we are continuing to take steps to enhance the security of our systems and the data entrusted to us, including by implementing enhanced endpoint detection and 24/7 threat monitoring, and providing additional training and education to our staff.
We thank our loyal patients for your patience and understanding, as we continue to work day and night to bring you the high quality care and service you deserve.
This attack never showed up on any of the ransomware leak sites that DataBreaches.net checks on a frequent basis. Nor has any data allegedly from any attack shown up for sale or free on any forum where such data normally appear.
Always worth reviewing.
https://threatpost.com/top-steps-ransomware-recovery-preparation/169378/
Top Steps for Ransomware Recovery and Preparation
When it comes to ransomware attacks, it’s no longer a question of if or even when, but how often. A business falls victim to a ransomware attack every 11 seconds, making ransomware the fastest-growing type of cybercrime.
… The first thing to do when dealing with a ransomware attack is to assess your options for recovery. This may mean a complete bottom-up approach — reinstalling systems along with recovery of data — or it may mean making do with smaller data sets that can be recovered quickly. Depending on the desired outcome, here are some important options to consider:
As vaccine records become a national ID card, access to the source code makes it easier to hack or even create your own.
https://techblog.cdt.ca.gov/2021/09/releasing-our-digital-vaccine-record-code-on-github/
Releasing our Digital Vaccine Record code on GitHub
Soon after we launched the Digital Vaccine Record portal in June, our friends at the Colorado Digital Service asked if we’d be willing to share our code with other states. Shortly after that, several other states reached out with similar requests. I’m excited to share that my office has released the code for both the front end and the middle tier for California’s Digital Vaccine Record to the public domain on GitHub.
Perspective. A roadmap of future regulation?
California Privacy Protection Agency Seeks Comments on Preliminary CPRA Issues
The California Privacy Protection Agency (CPPA), which is responsible for issuing regulations implementing the California Privacy Rights Act (CPRA), has posted its approved discussion draft for seeking public comments in preparation for its CPRA rulemaking activities. The CPPA indicated that it is particularly interested in receiving comments on the following eight topics:
Perspective. A long way to go.
https://bigthink.com/technology-innovation/the-problem-with-ai
The term 'AI' overpromises: Here's how to make it work for humans instead
… But there is not the slightest shred of understanding, reasoning and context in there, just simple re-creation of things seen before. An image recognition system trained to detect sheep in a picture does not have the slightest idea what "sheep" actually means. However, those systems have become so good at recreating the output, that they sometimes look like they know what they are doing.
Isn't that good enough, you may ask? Well, for some limited cases, it is. But it is not "intelligent", as it lacks any ability to reason and needs informed users to identify less obvious outliers with possibly harmful downstream effects.
No comments:
Post a Comment