Scripps Health is operating under EHR downtime and diverting some critical care after a ransomware attack over the weekend; a third-party incident, employee error, and phishing email hacks complete this week’s breach roundup.

What can you take away from all of this? The vulnerability of the healthcare sector is only getting worse as the the primary target of ransomware attackers.

[Read more: Healthcare Ransomware Problem Is Getting Worse Recently]

 

RANSOMWARE HITS SCRIPPS HEALTH, DISRUPTING CRITICAL CARE AND ONLINE PORTALSan Diego, CA

Scripps Health in San Diego was hit by a ransomware attack over the weekend, forcing the health system into EHR downtime. Some critical care patients were diverted and the online patient portal has been taken offline, according to local news outlet San Diego Union-Tribune.

Monday appointments were also postponed due to the cyberattack, which disrupted operations at two of Scripps’ four main hospitals and backup servers that reside in Arizona. Providers and other clinicians are leveraging paper records, as telemetry has been impacted at most care sites. Access to medical imaging also appears to be down.

Reports say all four hospitals in Encinitas, La Jolla, San Diego, and Chula Vista were placed on emergency care diversion for stroke and heart attack patients, who were diverted to other medical centers when possible. All trauma patients were also diverted.

72,000 AFFECTED BY COVID CONTACT TRACING BREACH - Pennsylvania

The data of 72,000 individuals who used the Pennsylvania Health Department’s contact tracing app was exposed, after a third-party error. The vendor, Insights Global, was contracted by the state health department for contact tracing services.

On April 21, Insight Global leadership discovered that certain employees set up and used several different Google accounts to share information, including documents related to the collection of contact tracing.

The unauthorized collaboration channel likely made the data vulnerable to exposure. Officials immediately took steps to prevent further access to or disclosure of more information, which was completed two days after the discovery.

An investigation into the incident determined that some personal information related to COVID-19 contact tracing Pennsylvania, collected by employees, may have been accessible to individuals outside of authorized employees and public health officials.

For now, it appears the compromised data included the names of individuals who were potentially exposed to COVID-19, positive or negative test results, any experienced symptoms, household members, and some contact information for those with specific social support service needs. All affected individuals will receive complimentary credit monitoring and identity protection services.

 

EMPLOYEE ERROR EXPOSES DATA OF 164K PATIENTS - Wyoming

About 164,021 patients of the Wyoming Health Department were recently notified that their data was exposed, after an employee accidentally exposed their protected health information online.

On March 10, officials discovered that an employee unintentionally uploaded 53 files containing COVID-19 and influenza test result data and one file containing breath alcohol test results to private and public Github storage data repositories.

The exposed health data included COVID-19 test results electronically reported to the health department, including patient IDs, contact information, dates of birth, test results, and dates of service. No SSNs, banking details, financial data, or health insurance information was compromised.

The health department has since removed the impacted files from the site, and GitHub destroyed any dangling data from their servers. Officials said they’ve since revised policies to include prohibiting the use of GitHub or other public repositories. 

 

ONE EMPLOYEE'S EMAIL AFFECTS 31K PATIENTS IN PHISHING ATTACK - New York

The data of 31,195 patients of RiverSpring Health in New York was recently compromised after a successful phishing attack on one employee email account in September 2020.

A hacker gained access to an employee email account on September 14, 2020 through the phishing attack, which installed malware and led to the access and removal of data from the impacted account.

The compromised data varied by patient and could include demographic details, contact information, member IDs, Medicaid IDs and or SSNs, and references to medical information, like provider names. No credit card or financial information was impacted.

Used with permission from Article Aggregator