Bad Actors Target Small Clinics With Healthcare Ransomware Attacks

September 30, 2021 - As COVID-19 continues to overwhelm providers across the country, cybercriminals are increasingly targeting smaller facilities with sophisticated healthcare ransomware attacks that cause EHR downtime and care disruptions.

A recent study showed that hackers are turning to outpatient clinics, smaller hospitals, and business associates to target their attacks at unassuming victims.

Some bigger health systems such as DuPage Medical Group and St. Joseph’s Candler face lawsuits for alleged negligence in preventing cyberattacks, smaller clinics are gradually becoming prime targets for cybercriminals.

NH Family Health Clinics Back Online After Ransomware Attack

New Hampshire-based Coos County Family Health Services (CCFHS) is back in operation after a ransomware attack that forced it to shut down phone services and EHRs, according to The Berlin Sun. Coos County Family Health CEO Ken Gordon said that the organization discovered the attack on September 20 after noticing abnormalities in the network.

The network of clinics, which serves over 15,000 New Hampshire residents annually, was forced to shut down the entire system, including EHRs, email, and phone services, to prevent further damage. CCFHS offered limited services during the outage, including prescription refills and lab tests.

Gordon said in a public statement that there is currently no evidence of unauthorized access to patient records or misuse of protected health information (PHI).

“Fortunately, we were able to bring this episode to a successful conclusion on Thursday of last week,” Gordon confirmed on September 27.

CCFHS said that prior to the attack, it recently implemented endpoint protection and other security measures to safeguard against cyberattacks.

Texas Surgical Center Data Breach Impacts 29K

McAllen Surgical Specialty Center began notifying 29,227 individuals of a data breach that occurred in May. An unauthorized actor accessed the center’s servers between May 12 and May 14.

Following an investigation, McAllen Surgical discovered encrypted files and were unable to rule out the possibility that the hacker accessed patient information.

Although there was no indication of information misuse, the provider noted that addresses, names, Social Security numbers, health insurance information, provider names, medical record numbers, patient numbers, and dates of service were present on the infected network.

“McAllen Surgical takes the confidentiality, privacy, and security of information in its care seriously,” the statement explained.

“Upon discovery, McAllen Surgical immediately commenced an investigation to confirm the nature and scope of the incident. In response to the incident, McAllen Surgical is reviewing and enhancing existing policies and procedures.”

The statement recommended that patients remain watchful for suspicious account activity and identity theft.

45K Impacted by Mental Health and Addiction Center Cyberattack

Talbert House, an Ohio-based provider that provides mental health, addiction, community care, and housing services, announced that it suffered a data security incident that impacted 45,000 individuals.

Talbert House discovered suspicious network activity on June 11 and immediately took its network down for a short period of time. An unauthorized third-party accessed the network and obtained files containing the protected health information (PHI) of clients, employees, and partners.

The files included client names, mailing addresses, medical information, and health insurance information. Some employee and third-party partner Social Security numbers, driver’s license numbers, and financial account information may have also been impacted.

Philadelphia Behavioral Healthcare Center Suffers Ransomware Attack

Horizon House fell victim to a healthcare ransomware attack that may have exposed the protected health information (PHI) of 27,823 individuals.

The Philadelphia-based healthcare center, which provides behavioral health and housing services, discovered that its systems had been encrypted by a ransomware actor on March 5, 2021. Horizon House said it worked quickly to restore access to the information and conduct a thorough investigation into the incident.

On September 3, Horizon House determined that personal information was included in the breach, including Social Security numbers, financial account information, medical claim information, driver’s license numbers, names, addresses, medical diagnoses, health insurance information, and medical record numbers.

“Horizon House is unaware that any of the information was misused or disseminated by the unknown actor and is therefore providing this notice in an abundance of caution,” the statement explained.

The center is offering free credit monitoring and identity protection services to all impacted individuals.