Sunday, April 21, 2019
  • Was it a Chinese spy or confused tourist?
  • BSidesSF 2019, Victor Clark’s ‘Strangeways, Here We Come’
  • XKCD, Email Settings
  • Online RADIUS
  • BSidesSF 2019, Brandon Weeks’ ‘Do Androids Dream Of Electric Fences?’

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Data Security Security Bloggers Network 

Home » Cybersecurity » Data Security » Thousands of patients impacted by ransomware attack at medical billing company

Thousands of patients impacted by ransomware attack at medical billing company

by Graham Cluley on March 7, 2019

Following a ransomware attack at a medical billing company, thousands of patients are being warned that their highly sensitive medical information and personal details were amongst the breached data.

Michigan-based Wolverine Solutions Group (WSG) says that it discovered its systems had suffered a security breach on September 25 last year. Malware had infected the company’s computers and encrypted “many” of the firm’s records, rendering them inaccessible.

One week later WSG called in a team of external forensic security experts who attempted to recover the encrypted data.

According to WSG, its critical operations were back up and running by November 5, 2018 — over 40 days after the ransomware attack was initially detected.

However, work has continued in the months since to identify those individuals whose healthcare clients were affected. The company has mailed out a number of notifications to affected individuals in December, January and February, and says it will sent out more this month.

The good news is that no evidence has been found that the sensitive data was exfiltrated from WSG’s servers. As with most ransomware cases, the risk to information is primarily that it has been encrypted with a key only known to the attackers and made inaccessible rather than stolen for the purposes of identity theft and fraud.

Of course, it is possible for organizations to recover without paying any ransom to the criminals if they have maintained secure, regular backups of the data. Sadly, it’s still all too common to discover that backups have not been maintained or that the backups themselves have also been corrupted by the attack.

Even though there is no evidence that unauthorized parties stole the data, WSG says that the nature of the affected files (some of which contained individual patient information such as names, addresses, dates of birth, Social (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Graham Cluley. Read the original post at: https://www.tripwire.com/state-of-security/healthcare/thousands-patients-ransomware-attack-medical-billing-company/

March 7, 2019March 7, 2019 Graham Cluley Featured Articles, healthcare, IT Security and Data Protection, medical, Ransomware
  • ← Top 5 New Open Source Vulnerabilities in February 2019
  • Cisco rolls out patches for high-risk vulnerabilities in FXOS and NX-OS software →
Featured Blog

Ellen Neveux

What is privileged access management (PAM)?

SecureLink

Proposed Texas Bill Would Regulate Vendor Contracts

Ellen Neveux

SecureLink named a March 2019 Gartner Peer Insights Customers’ Choice for Privileged Access Management

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

With No Permission, Facebook Slurped up ‘Hundreds of Millions’ of Email Contacts
ERM: Understanding the State of Cybersecurity and Risk
Information Security is a Fundamentals Game
DevOps Chat: Forrester Wave Leaders Discuss SCA
Blockchain Reality Check: Which Promises Can It Keep?
50 Best Kubernetes Architecture Tutorials
The 4 Deadly Technology Sins of a Small Business
Can Smart Lighting Beat a Hacker? How Machine Learning Can Boost IoT Security
The Cybersecurity Weakest Link – Linux and IOT
Marcus “MalwareTech” Hutchins Pleads Guilty to Writing, Selling Banking Malware

Upcoming Webinars

There are no upcoming webinars at this time.

Download Free eBook

Q1 2019 Report: Email Fraud & Identity Deception Trends

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Information Security is a Fundamentals Game
Cybersecurity Industry Spotlight Security Awareness Security Boulevard (Original) 

Information Security is a Fundamentals Game

April 18, 2019 Paul Ziegler | 3 days ago 0
ERM: Understanding the State of Cybersecurity and Risk
Cybersecurity Incident Response Industry Spotlight Network Security Security Boulevard (Original) 

ERM: Understanding the State of Cybersecurity and Risk

April 17, 2019 Dustin Owens | 4 days ago 0
Take Back Control of Your Apps and Data With Cloud Monitoring
Cloud Security Cybersecurity Industry Spotlight Security Boulevard (Original) 

Take Back Control of Your Apps and Data With Cloud Monitoring

April 16, 2019 Mike Mason | Apr 16 0

Top Stories

News 

Capsule8 Supports Google Cloud Security Command Center with Security Partner Integration

April 18, 2019 Deb Schalm | 3 days ago 0
With No Permission, Facebook Slurped up ‘Hundreds of Millions’ of Email Contacts
Cybersecurity Data Security Featured Governance, Risk & Compliance Identity & Access News Security Boulevard (Original) Spotlight 

With No Permission, Facebook Slurped up ‘Hundreds of Millions’ of Email Contacts

April 18, 2019 Richi Jennings | 3 days ago 0
News 

Meta Networks Recognized by 451 Research for Zero-Trust Software Defined Perimeter

April 16, 2019 Deb Schalm | Apr 16 0

Security Humor

via the comic delivery system monikered Randall Munroe at XKCD !

XKCD, Email Settings

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.

Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.