SamSam Ransomware Attack Strikes Indiana Doctors Group

May 23, 2018

 

A May 17, 2018 ransomware attack that took part of the network owned by Allied Doctors Group of Michiana out of order after the encryption of numerous files on its network.

Presently it remains unclear whether any PHI encrypted. An analysis of the safety occurrence is trying to decide whether any protected health information was gotten in the cyber-attack.

The attack was known swiftly and action was instantly applied to close down its network to safeguard the PHI of patients. Allied Doctors Group of Michiana has been working with its occurrence responder, external legal advisers, and other experts to study the scope of the HIPAA violation and salvage encrypted data.

The Indiana Doctors Group has declared that all data have now been recovered in a safe format and the attack did not cause substantial disruption to its customers. Measures have already been taken to increase safety and avoid future attacks of this type from occurring.

CEO Shery Roussarie summarized in a May 21 press release that the attack involved a variation of SamSam ransomware, which has been utilized in many cyberattacks thus far in 2018, including the ransomware attack on the City of Atlanta.

The cyber-criminal gang responsible for these SamSam ransomware attacks attempts to extract money from sufferers with ransom payments typically in the region of $45,000. Although a ransom payment was sent by the attackers, it’s not clear how much the ransom was and whether it was paid by the business. In the press release, Roussarie said, “The Business refuses to verify whether a ransom was paid or, if so, the amount.”

Allied Doctors Group of Michiana is cooperating with the FBI and all related regulatory organizations to find the extent of the occurrence. Further information will be published when it becomes available and patients will be informed if their PHI was impacted.