Decatur District General Hospice Malware Attack Exposes 24,000 Patients

It has been said that Decatur District General Hospice in Tennessee faced a malware attack following a bug was uploaded to a computer network containing its electronic medicinal record system. It’s supposed that assailant might have gained access to the medicinal records of as many as 24,000 people.

The malevolent program system was discovered on November 27, 2017 by the hospice’s health record system seller, who carries out maintenance of the computer network on which the system is run. An audit revealed that revealed that the malware was a miner of cryptocurrency.

Cryptocurrency mining is described as utilizing computer processors to confirm cryptocurrency dealings and record them on the general public ledger having details of all dealings from the time when the currency was started. The steps for confirming dealings require computers to resolve complex mathematical problems.

Cryptocurrency mining may be accomplished by any individual having a computer, and in response to resolving those mathematical difficulties, the miner is compensated with a nominal payment for confirming the deal.

A single computer can let an individual make a few dollars per day carrying out cryptocurrency mining. Big quantities of computers can result in bigger profits. A group of cryptocurrency mining slave computers, like those infested with a cryptocurrency mining malevolent program, can result in huge incomes. Cryptocurrency malware infections and campaigns have risen in recent times.

As cryptocurrency mining utilizes a huge amount of handling power, computers infested with the malware might slow remarkably, even though it might not always be specious that contagion has been installed. In the attack at Decatur District General Hospice, the malware contagion wasn’t found by its EMR seller for over two months. It seems that the malevolent program was installed before September 22, 2017.

In most cases, the cryptocurrency mining malevolent program has only one function. The malware isn’t usually seen with data thievery. Nevertheless, in this situation, the cyberpunk seems to have accessed the server to install the malevolent program. Access to patient files was therefore achievable.

Decatur District General Hospice performed a detailed inquiry into the malware infection and server breach, and although nothing was found to indicate data theft or data access was carried out, it wasn’t possible to fully confirm that data access hadn’t happened. For that reason, steps were taken to send warnings to patients whose PHI had possibly been undermined.

Because of the highly confidential nature of data kept on the server – names, treatment accounts, prognoses, Social Security numbers, birth dates, addresses, and insurance billing info – all people affected by the happening have been, as a safety measure, provided credit checking facilities for one year via True Identity free of charge.

Nothing to suggest abuse of PHI has been informed so far and the hospital thinks the only purpose of the assailant was to place the malevolent program, not to thieve patient information. Nevertheless, patients have been alerted of the significance of exercising care and keep a check on their credit, accounts, and EOB reports for any indication of fake operations and to be cautious of any communication received through the phone, mail, or email concerning the attack.