A Ransomware attack launched on the database of Mind and Motion Developmental Center in Georgia is said to have exposed over 16,000 patient records. A spokesperson from the healthcare said that the attack was discovered on Sept 30 this year but was made public only after a preliminary investigation was conducted and results were obtained.
News is out that the malware attack led to the leak of personal details such as patient names, addresses, birth dates, medical records, social security numbers, and insurance data.
According to a forensic report offered by TeamLogic IT, it was discovered that an inactive keylogger and spam emailer led to the breach.
The Mind and Motion Developmental Center is said to have reported the breach to the US Department of Health & Human Services and all the staff members were recently trained on how to spot security issues such as phishing attacks.
A consulting firm has been approached by the healthcare to make sure that the organization was meeting all the compliance standards of HIPAA after the breach.
Cybersecurity Insiders has learned that the hackers first encrypted the database with malware. But since their ransom demands weren’t obliged, chose to leak the data on the dark web.
However, to date, the health center authorities haven’t observed any signs of data leak on the dark web. So, assume that the hackers might have retreated when their ransom demands were not valued by the IT staff of the medical facility.