Another Healthcare Firm Falls Victim to GandCrab Ransomware
GandCrab ransomware was first introduced in early 2018 and it is an infamous family of cryptovirus. It has this dubious distinction as one of the most destructive cyber infections, and within a year, it has created enough furor.
The ransomware has been using an array of various distribution methods, including cracks, keygens RIG, GradSoft, and Fallout exploit kits. Bitdefender research team has termed it as one of the most devastating malware in recent times.
Cybercriminals have developed a taste for healthcare institutions, and it has recently hit the Doctors’ Management Service which fell victim to GandCrab ransomware. It infected their systems by injecting code designed to steal data for future fraud operations.
You may have not heard of DMS (Doctors’ Management Service). It’s a medical billing service headquartered in Massachusetts that provides medical billing services to physicians and hospitals. Your hospital or physician might have provided them with your health information if your doctor or hospital contracts with them.
According to the DMS notice the breach, occurred in April of 2017. The organization realized the breach in December last year when the attackers via Remote Desktop Protocol (RDP) placed ransomware on their vulnerable workstation. An investigation later revealed the most notorious ransomware deployed GandCrab.
DMS declined to pay the ransom as demanded by the GrandGrap operators and recovered its data from backup. The organization is not sure if the attackers have accessed the backup information, but to be on the safe side, they notified everyone who may have been affected. If the attackers are also in possession of the data, it is obvious they will have sensitive diagnostic information, and other details like name, address, and date of birth, Social Security number, license number, insurance details, and other information.
The company has offered its clients a free credit monitoring service to those who have received DMS’s notice. Nevertheless, since credit monitoring isn’t tantamount with protection against fraud, affected parties are advised to carefully monitor their bank statements for any abnormalities. DMS has changed its network security system in order to restrict unauthorized access to its systems and to improve its network security.
Why this breach is serious is because almost 38 healthcare centers have been impacted, including Beverly Surgical Associates, Today’s Wellness PLLC, Thompson Medical Associates, New England Community Medical Services, Neuro Institute of New England, and more.
- Anjum Baqai Associates
- Arcangel Neurological Consultants
- AT Care PLLC
- AUM Healing Center
- Bell Mental Health Associates
- Beverly Surgical Associates
- Bhealthy Primary Care
- First Choice Community Medical Services
- Holy Family Medical Specialty
- Lowell General Inpatient Specialists
- NE Pulmonary & Sleep
- New England Inpatient Specialists
- New England Pulmonary & Sleep Specialists
- Today’s Wellness PLLC
- Incare LLC
- Principes Medical Group
- Joseph Schwartz PLLC
- Neuro Institute of New England
- New England Reconstructive & Aesthetic
- Northwoods Surgical, PLLC
- Pathways Healthcare LLC
- Peaceful Soul
- Personalized Medicine
- Pinnacle Medical Group
- Post-Acute Cardiology
- Precision Surgical Specialists of Lowell
- Premiere Care
- Saxony Primary Care PLLC
- Sports Medicine Health LLC
- Surgical Group of Norwood
- The Wholeness Center
- Theresa M Smith Practice
- Thompson Medical Associates
- WLB Rehabilitation Medicine
- Heywood Athol Inpatient Specialists PLLC
- Winchester Hospital Inpatient Specialists
- Dutch Connection LLC
- New England Community Medical Services
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.