Sunday, February 23, 2020
  • List all OS Versions for Your Fleet of Systems
  • DEF CON 27, Artificial Intelligence Village – Anna Skelton’s ‘Deep Fakes, Deep Trouble: Analyzing The Effects of Deepfakes On Market Manipulation’
  • XKCD ‘Grandpa Jason and Grandpa Chad’
  • DEF CON 27, Artificial Intelligence Village – Barton Rhodes’ ‘Securing Your Kubeflow Clusters’
  • Securing the real perimeter – part 1

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • MediaOps Inc.
    • DevOps.com
    • Container Journal
    • Digital Anarchist
    • SweetCode.io
  • Media Kit

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Security Bloggers Network 

Home » Cybersecurity » Data Security » Thousands of patients impacted by ransomware attack at medical billing company

Thousands of patients impacted by ransomware attack at medical billing company

by Graham Cluley on March 7, 2019

Following a ransomware attack at a medical billing company, thousands of patients are being warned that their highly sensitive medical information and personal details were amongst the breached data.

Michigan-based Wolverine Solutions Group (WSG) says that it discovered its systems had suffered a security breach on September 25 last year. Malware had infected the company’s computers and encrypted “many” of the firm’s records, rendering them inaccessible.

One week later WSG called in a team of external forensic security experts who attempted to recover the encrypted data.

According to WSG, its critical operations were back up and running by November 5, 2018 — over 40 days after the ransomware attack was initially detected.

However, work has continued in the months since to identify those individuals whose healthcare clients were affected. The company has mailed out a number of notifications to affected individuals in December, January and February, and says it will sent out more this month.

The good news is that no evidence has been found that the sensitive data was exfiltrated from WSG’s servers. As with most ransomware cases, the risk to information is primarily that it has been encrypted with a key only known to the attackers and made inaccessible rather than stolen for the purposes of identity theft and fraud.

Of course, it is possible for organizations to recover without paying any ransom to the criminals if they have maintained secure, regular backups of the data. Sadly, it’s still all too common to discover that backups have not been maintained or that the backups themselves have also been corrupted by the attack.

Even though there is no evidence that unauthorized parties stole the data, WSG says that the nature of the affected files (some of which contained individual patient information such as names, addresses, dates of birth, Social (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/healthcare/thousands-patients-ransomware-attack-medical-billing-company/

March 7, 2019March 7, 2019 Graham Cluley Featured Articles, healthcare, IT Security and Data Protection, medical, Ransomware
  • ← Update your Chrome browser now! 0-day actively exploited in the wild
  • Cisco rolls out patches for high-risk vulnerabilities in FXOS and NX-OS software →

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Companies Don’t Trust Themselves With Zero Trust
Now Is the Time to Focus on API Security
Lesser-Known Social Engineering Tricks
DISA Breach Could Impact 200,000, Says Trump’s IT Agency
Survey Confirms CISOs Stressed Out
The Billion Pound Manchester City Hack
Juice Jacking: How Hackers Can Steal Your Info When You Charge Devices
Scammers Use Fake Website to Masquerade as Burning Man Organizers
Insecure Direct Object Reference (IDOR) — Web-based Application Security, Part 6
GET TO KNOW YOUR SECURITY THREATS

Upcoming Webinars

Tue 25

New Paradigms for the Next Era of Security

February 25 @ 1:00 pm - 2:00 pm
Mar 04

Shift Application Security Knowledge Left to Deliver Secure Code On Time

March 4 @ 11:00 am - 12:00 pm
Mar 09

Best Practices to Secure Containerized Apps with Next-Gen WAF

March 9 @ 1:00 pm - 2:00 pm
Mar 23

The State of Open Source Security

March 23 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Developers Are Taking Over AppSec

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Chernobyl and its Cyber Lessons, Part 2: Incident Response
Cybersecurity Industry Spotlight Security Awareness Security Boulevard (Original) 

Chernobyl and its Cyber Lessons, Part 2: Incident Response

February 21, 2020 Simon Lacey | 2 days ago 0
Lesser-Known Social Engineering Tricks
Cybersecurity Industry Spotlight Security Boulevard (Original) Social Engineering 

Lesser-Known Social Engineering Tricks

February 20, 2020 David Balaban | 3 days ago 0
Now Is the Time to Focus on API Security
Cybersecurity DevOps Industry Spotlight Security Boulevard (Original) 

Now Is the Time to Focus on API Security

February 19, 2020 Doug Dooley | 4 days ago 0

Top Stories

DISA Breach Could Impact 200,000, Says Trump’s IT Agency
Cybersecurity Data Security Featured Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

DISA Breach Could Impact 200,000, Says Trump’s IT Agency

February 21, 2020 Richi Jennings | 1 day ago 0
Veritas Extends Reach of AI Compliance Tool
Cybersecurity Featured News Security Boulevard (Original) Spotlight Threat Intelligence 

Veritas Extends Reach of AI Compliance Tool

February 20, 2020 Michael Vizard | 2 days ago 0
Iran Backdoors ‘Dozens’ of Companies via VPN 1-Day Vulnerabilities
Cybersecurity Data Security Endpoint Featured Malware Network Security News Security Boulevard (Original) Spotlight Threats & Breaches Vulnerabilities 

Iran Backdoors ‘Dozens’ of Companies via VPN 1-Day Vulnerabilities

February 17, 2020 Richi Jennings | Feb 17 0

Security Humor

via   the comic delivery system monikered  Randall Munroe  at  XKCD !

XKCD ‘Grandpa Jason and Grandpa Chad’

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy
  • DMCA Compliance Statement

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2020 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.