Hospital warns 24,000 patients that its EMR system was hacked to mine cryptocurrency

Hackers are increasingly setting their sights on electronic medical records (EMR) to extort money from hospitals and their affiliated system vendors. Most recently, one hospital has seen its EMR service hijacked to mine cryptocurrency.

On January 26, Parsons, Tennessee-based Decatur County General Hospital started notifying customers that its EMR vendor was compromised by a hacker who injected cryptocurrency mining malware into its systems.

“On November 27, 2017, we received a security incident report from our EMR system vendor indicating that unauthorized software had been installed on the server the vendor supports on our behalf,” reads the DCGH notice. “The unauthorized software was installed to generate digital currency, more commonly known as ‘cryptocurrency.’”

An investigation revealed the attacker infected the servers remotely some time in September. However, the hospital was only notified of the breach two months later, which is highly unorthodox considering that the attackers could have (and potentially might have) compromised the sensitive information of tens of thousands of patients.

It is unclear how much cryptocurrency was generated for the attacker(s) as part of the hack, but DCGH says “the EMR vendor replaced the server and operating about four days later [following the breach].”

The hospital says information on the affected server included patient names, addresses, dates of birth, Social Security numbers, diagnosis and treatment data, and insurance billing information.

On the good side, while the investigation into the breach continues, DCGH claims (so far) it has no evidence that patient information was acquired or viewed by unauthorized parties.

“Based upon reports of similar incidents, we do not believe that your health information was targeted by any unauthorized individual installing the software on the server,” reads the reassuring notice.

The growing popularity of cryptocurrency has spawned huge interest in cryptocurrency miners and ransomware. Digital currency is highly untraceable, while at the same time it can be generated out of thin air by hacking and using other people’s computers to ‘mine’ new coins.

For the curious, the cryptocurrency mined with the hacked EMR vendor’s systems was reportedly Dash. According to the World Coin Index, which tracks the fluctuating values of all cryptocurrencies in existence, Dash is the fourth-most valuable cryptocurrency per unit, currently trading at 557 USD.

For comparison, one Ethereum is $820, BitcoinCash sells for just over $1,000, and the almighty Bitcoin – which two months ago stood at almost $20,000 per unit – is now worth $8,200.



This is a Security Bloggers Network syndicated blog post authored by Filip Truta. Read the original post at: HOTforSecurity