Industry News

Ransomware operators breach 40.000+ records from Fetal Diagnostic Institute of the Pacific

The successful SamSam ransomware campaign targeting hospitals and clinics across the United States in the last year is breathing new life into hungry ransomware operators. The Fetal Diagnostic Institute of the Pacific based in Honolulu, Hawaii is the latest victim in this ongoing play.

On June 30, FDIP reportedly learned it had fallen victim to a ransomware attack that accessed data stored on its servers, including patient records. The ransomware family used to attack the institute was not named.

Patients’ full name, date of birth, home address, account number, diagnosis, or other types of information may have been affected, the institute said. No financial data was compromised as a result of the breach, as the facility does not store such data, the notice said.

FDIP enlisted the help of an unnamed cybersecurity firm to remove the malware and restore the data using backup files maintained specifically for such an occurrence.

The breach constituted a violation of Health Insurance Portability and Accountability Act (HIPAA).

“As required by law, FDIP will report this incident to the U.S. Department of Health and Human Services,” the institute noted.

“The cybersecurity firm cleansed FDIP’s computer systems, confirmed that no malware remained, and implemented additional protections to help avoid any future incidents. We do not expect that patients will experience any harm from this unauthorized disclosure, and there is no action patients need to take at this time. However, should any patient receive any suspicious communications or become aware of other activity they believe may be related to this event, please inform us immediately,” added FDIP.

Ransomware remains the most virulent form of malware to threaten not only the healthcare sector, but virtually every other industry out there. Security experts recommend that organizations sitting on large amounts of personal information use full disk encryption, as well as keep regular, offline backups for such contingencies.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware, and security, and has worked in various B2B and B2C marketing roles. He likes fishing (not phishing), basketball, and playing around in FL Studio.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.