Health Care Data Breach
With ransomware attacks reaching record numbers, and more
than a billion stolen passwords for sale on the dark web,
I’m constantly amazed that there aren’t more data breaches, if I’m honest. Not
that it makes it any the less shocking when a healthcare provider discloses
that the medical records of a million patients have been compromised. Here’s
what we know about the Community Health Center security incident.
More Than A Million Medical Records Stolen
In a Jan. 30 filing to the Office of the Maine Attorney
General, Connecticut-based healthcare provider Community Health Center has disclosed a data breach,
first discovered Jan. 2, has impacted more than a million patients following a
successful attack by unknown threat actors who gained access to its networks.
In a letter to impacted patients, seen by this reporter,
Mark Masselli
president and CEO at Community Health Center, Inc., said, that investigators
had determined that “a skilled criminal hacker got into our system and took
some data, which might include your personal information.” This doesn’t appear
to have been a ransomware attack, as Masselli said no data was deleted or
encrypted, and the hack didn’t impact healthcare operations. “We believe we
stopped the criminal hacker’s access within hours,” Masselli said, “and that
there is no current threat to our systems.”
There is, however, the small matter of the files that the
hacker stole: files containing “patients’ personal and health information
belonging to 1,060,936 individuals.” The stolen data is understood to include:
- Patient
Names
- Dates
of Birth
- Contact
Information
- Social
Security Numbers
- Medical
Diagnoses
- Treatment
Details
- Test
Results
- Health
Insurance Details
A Medical Records Nightmare
“This incident highlights the urgency of securing healthcare
infrastructures—protecting not just patient data, but the broader ecosystem of
communication, collaboration, and care delivery,” Emily Phelps, a director at a
cyber firm, said, “Incidents in this sector underscore the ongoing risks
healthcare providers face, with attackers gaining access to sensitive data like
names, medical diagnoses, and insurance details.”
Although the Community Health Center attack is not thought
to have been ransomware-related, the same cannot be said for the latest
healthcare hack. As I reported Feb. 1, the New York Blood Center has been hit
by ransomware scumbags who have disrupted the blood donation process of a major blood
supplier to 200 hospitals with all the possible consequences that come with
such an irresponsible action.
Dr. Ilia Kolochenko, CEO at ImmuniWeb and a Fellow at the
British Computer Society, told me that healthcare will probably be the most
desirable target for ransomware groups in 2025 for three key reasons. First is
funding, with most healthcare organizations “surviving mostly thanks to
governmental subsidies or charity donations,” Kolochenko said, “this makes
healthcare institutions a low-hanging fruit for unscrupulous cybercriminals,
who are unwilling to spend a lot of time and effort to pierce multilayered cyber
defense of, say, wealthy financial institutions.” Then there’s the more likely
to pay weakness that is introduced by the very nature of the business these
organizations are in, where human life is more important than money. “Knowing
this,” Kolochenko said, “ransomware groups usually start with a six- or even
seven-digit bid, then significantly reduce it to something that the victim can
pay, naively believing that it got a great deal.“ And finally, healthcare
providers can handle very sensitive data of politicians, celebrities and
wealthy executives, “making attacks against healthcare unprecedently lucrative
compared to most other sectors,” Kolochenko concluded.
The attacker also has access to names, dates of birth and health insurance details, this could be an extortion nightmare waiting to unfold.