Industry News

Hackers fly under the radar for two years after infecting chiropractic clinic with malware

Chiropractors may not be regarded as full-blown medical doctors, but hackers don’t discriminate when targeting the health sector, as one chiropractor in Tillamook, Oregon will tell you.

A report published by local publication Tillamook County Pioneer reveals that on August 3rd, 2018, during an internal security audit, Tillamook Chiropractic Clinic learned its systems harbored carefully crafted malware for more than two years.

“On May 24, 2016, malware was installed on the primary insurance billing system, which hackers then used as a staging area to collect patient records, including patient full name, any diagnoses, lab results, medications, home address(es), work address(es), phone number(s), driver’s license, date of birth, social security numbers (for Medicare patients only), insurance billing information, bank routing numbers & account numbers, as well as employee payroll data,” according to the notice.

Hackers reportedly bypassed both anti-malware and firewall protection. The clinic was also using the latest version of operating systems with all patches installed at the time it got hacked. Nevertheless, copies of 4,058 patient records are believed to have been stolen, the report notes.

“The unauthorized access was terminated on August 3rd, 2018, immediately after discovery. Additionally, the computer security systems of Tillamook Chiropractic Clinic have been significantly modernized and upgraded, the policies have been updated, and notifications are being issued to individual patients as well as credit reporting agencies,” states the notice.

The clinic advises clients to actively monitor their credit reports and bank accounts for any signs of fraud or identity theft. Patients who believe they have already fallen victim are being directed to credit grantors with the recommendation to freeze their credit.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware, and security, and has worked in various B2B and B2C marketing roles. He likes fishing (not phishing), basketball, and playing around in FL Studio.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.