Golden Heart Administrative Experts Ransomware Attack Impacts 44,600 Patients

Jul 22, 2018

 

Golden Heart Administrative Professionals, a Fairbanks, AK-based billing firm and business associate of a number of healthcare suppliers in Alaska, is informing 44,600 people that some of their protected health information (PHI) has possibly been retrieved by illegal people as a consequence of a recent ransomware attack.

The ransomware was downloaded to a server having the PHI of patients. As per a press release issued by the firm, “All client patient information must be assumed to be compromised.”

Local and central law enforcement organizations have been informed concerning the cyberattack and attempts are continuing to regain files.

The Golden Heart Administrative Experts ransomware attack is the biggest data breach informed by a healthcare business in July, and the second main data breach to be informed by an Alaska-based healthcare business in July.

In early July, the Alaska Division of Health and Social Services declared that it had experienced a data breach as a consequence of a malware infection. The Zeus/Zbot Trojan – an information stealer – had been downloaded which possibly permitted the attackers to gain access to the protected health information of ‘over 500’ people.

Latest reports indicate ransomware attacks are decreasing, with several cybercriminal gangs changing operations to cryptocurrency mining; nevertheless, there doesn’t seem to be any let up in ransomware attacks on healthcare companies.

The previous week, LabCorp, the national system of clinical checking laboratories, suffered a SamSam ransomware attack. The attack was found within 50 minutes and systems were closed down to avoid extensive file encryption. The ransomware was downloaded after a brute force remote desktop protocol (RDP) attack. It is not presently known how many patients have been impacted by the attack, even though some reports indicate millions of patients’ PHI might have been compromised.

On Monday, July 9, Cass Regional Medical Center in Harrisonville, MO, suffered a ransomware attack that led to its communications system and electronic medical record system being taken down. The medical center took the decision to redirect ambulances for stroke and shock sufferers to substitute healthcare services. As with the LabCorp attack, the ransomware was downloaded to the server after a brute force RDP attack. The electronic medical record systems continued offline for 10 days as a consequence of the attack.