On February 5, 2021, tens of thousand of healthcare patient files from Leon Medical Centers and Nocona General Hospitals were posted for sale on the dark web during a cyberattack. More details about this cyber ransomware healthcare attack are discussed below.
Patient Files for Sale
When hackers access the networks of healthcare organizations through cyber ransomware attacks, the hackers often exfiltrate the organization’s data, or maliciously encrypt files so that they cannot be accessed by the organization. The purpose of doing so is to solicit ransom payments for the return of sensitive data, such as patient files. However, when an organization refuses to pay the ransom, and in many cases when the victimized organization does pay the ransom, hackers post the data on the dark web for sale.
Criminal HIPAA violations have become a common trend in the healthcare industry in particular, as patient files contain a wealth of information that can be used for a variety of purposes including identity theft, financial fraud, or even to blackmail patients.
Leon Medical Centers Ransomware Attack
On January 8, 2021, Leon Medical Centers (LMC) announced that it had suffered a malware attack that compromised protected health information (PHI) stored on its systems. Upon discovering the incident, LMC launched an investigation discovering that PHI potentially accessed included patient names, contact information, Social Security numbers, financial information, dates of birth, family information, medical record numbers, Medicaid numbers, prescription information, medical and/or clinical information including diagnosis and treatment history, and health insurance information.
Spokesperson for Leon, Yolanda Foster, stated, “We are working diligently with third-party forensic experts to complete an investigation into the matter. As soon as possible, we will provide direct notifications to any affected individuals.” As investigations are still underway, it is unclear how many patients were affected by the breach.
Nocona General Hospital Ransomware Attack
Nocona General Hospital is a different story, it doesn’t seem as they were victimized by a cyber ransomware attack as none of their healthcare files had been maliciously encrypted. Their attorney, Brian Jackson stated, “I can’t tell you with absolute certainty that they did not send a ransom demand. I can tell you we did not open one.” However, Nocona patient files were posted on the dark web.
