Another Healthcare Firm Falls Victim to GandCrab Ransomware

GandCrab, an infamous cryptovirus family, first appeared in early 2018. It holds the dubious distinction of being one of the most destructive cyber infections, and within a year it has caused considerable furor.

The ransomware has used an array of distribution methods, including cracks, keygens, and the RIG, GrandSoft, and Fallout exploit kits. The Bitdefender research team has called it one of the most devastating pieces of malware in recent times.

Cybercriminals have developed a taste for healthcare institutions, and the latest to be hit is the Doctors’ Management Service, which fell victim to GandCrab ransomware. The ransomware infected its systems by injecting code designed to steal data for future fraud operations.

You may not have heard of DMS (Doctors’ Management Service). It is a medical billing service headquartered in Massachusetts that works for physicians and hospitals. If your doctor or hospital contracts with DMS, they might have provided it with your health information.

According to the DMS notice, the breach occurred in April of 2017. The organization realized it had been breached in December last year, when the attackers placed ransomware on its vulnerable workstation via Remote Desktop Protocol (RDP). An investigation later revealed that the ransomware deployed was the notorious GandCrab.

DMS declined to pay the ransom demanded by the GandCrab operators and recovered its data from backup. The organization is not sure whether the attackers accessed the backup information, but to be on the safe side, it notified everyone who may have been affected. If the attackers are also in possession of the data, they will have sensitive diagnostic information and other details such as name, address, date of birth, Social Security number, license number, and insurance details.

The company has offered a free credit monitoring service to those who have received DMS’s notice. Nevertheless, since credit monitoring isn’t tantamount to protection against fraud, affected parties are advised to carefully monitor their bank statements for any abnormalities. DMS has changed its network security system to restrict unauthorized access to its systems and improve its network security.

This breach is serious because almost 38 healthcare centers have been impacted, including Beverly Surgical Associates, Today’s Wellness PLLC, Thompson Medical Associates, New England Community Medical Services, Neuro Institute of New England, and more.

  1. Anjum Baqai Associates
  2. Arcangel Neurological Consultants
  3. AT Care PLLC
  4. AUM Healing Center
  5. Bell Mental Health Associates
  6. Beverly Surgical Associates
  7. Bhealthy Primary Care
  8. First Choice Community Medical Services
  9. Holy Family Medical Specialty
  10. Lowell General Inpatient Specialists
  11. NE Pulmonary & Sleep
  12. New England Inpatient Specialists
  13. New England Pulmonary & Sleep Specialists
  14. Today’s Wellness PLLC
  15. Incare LLC
  16. Principes Medical Group
  17. Joseph Schwartz PLLC
  18. Neuro Institute of New England
  19. New England Reconstructive & Aesthetic
  20. Northwoods Surgical, PLLC
  21. Pathways Healthcare LLC
  22. Peaceful Soul
  23. Personalized Medicine
  24. Pinnacle Medical Group
  25. Post-Acute Cardiology
  26. Precision Surgical Specialists of Lowell
  27. Premiere Care
  28. Saxony Primary Care PLLC
  29. Sports Medicine Health LLC
  30. Surgical Group of Norwood
  31. The Wholeness Center
  32. Theresa M Smith Practice
  33. Thompson Medical Associates
  34. WLB Rehabilitation Medicine
  35. Heywood Athol Inpatient Specialists PLLC
  36. Winchester Hospital Inpatient Specialists
  37. Dutch Connection LLC
  38. New England Community Medical Services

Julia Sowells

Julia Sowells is a technology and security professional. With a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, written technical articles, and worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm as a security consultant while continuing to write for Hacker Combat in her limited spare time.