Healthcare Ransomware Attack at Indiana ENT Office Impacts 45K

August 26, 2021 - A healthcare ransomware attack resulted in potential exposure of the personally identifiable information (PII) and protected health information (PHI) of over 48,000 individuals at Indiana-based CarePointe ENT.

The ear, nose, throat, sinus, and hearing provider sent a letter to all current and former patients on August 23 alerting them of the security incident.

The cyberattack occurred on June 25 when the attacker gained access to the provider’s encrypted system containing electronic health records. Leaked information included Social Security numbers, names, addresses, birthdates, and health insurance information.

“These rampant attacks continue to challenge everyone in the business and medical communities,” CarePointe’s notice stated.

“We believe it is likely the attacker only wanted money and not the information on our computers but, in an abundance of caution, we are letting you know that your information was encrypted by the attackers.”

As a result of the attack, CarePointe said that it took measures to prevent the likelihood of a future attack by increasing threat detection and restricting remote access to its system.

“While our investigation did not find evidence that your information has been specifically misused, we could not rule out the possibility that files containing some patient information may have been subject to unauthorized access as a result of this incident,” the notice continued.

CarePointe encouraged its patients to look out for suspicious activity and provided directions for freezing credit files and placing fraud alerts. The ENT provider also set up a toll-free call center to answer questions about the cybersecurity incident.

Data breaches are becoming increasingly common in the healthcare sector. Both small and large health systems are being hit by ransomware attacks that disrupt workflow and patient care.

In recent news, Utah-based Revere Health fell victim to a phishing scam that exposed 12,000 patients’ PHI in a matter of 45 minutes.

In addition, more than 600,000 patients were impacted by a data breach at University of New Mexico (UNM) Health recently. The breach exposed PII and PHI across the major health system’s New Mexico hospitals.

Memorial Health System, based in West Virginia and Ohio, also suffered a data breach that resulted in emergency room diversions, appointment cancellations, and workflow disruptions.

The attackers are usually interested only in obtaining money and threatening to publish patient records if they do not get paid. The contents of the records are often merely a means to an end. However, the cyber threats often influence organizations to pay the ransom for fear of additional damage.

Research suggests that ransomware payments can potentially double recovery costs. The FBI has continually discouraged paying the ransom, as it is often more costly and does not guarantee a speedy recovery.

“The FBI does not support paying a ransom in response to a ransomware attack,” the agency’s website states.

“Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”