Phishing Attack In EyeSouth Breached 24000 Patient Records
Hackers see the healthcare industry as a lucrative target for hackers, why we say so is because we have seen this happening again and again. In 2017 we saw how criminals targeted hospitals with weaponized- ransomware, misconfigured cloud storage buckets and phishing emails.
In 2018, it continued and this time the cybercriminals got more creative, despite better awareness among healthcare organizations. We saw how 3 phishing hacks breached 20,000 patient records at Catawba Valley. The officials at Catawba discovered that a hacker had access to three accounts for more than a month. It was found that the email accounts included patient names, dates of birth, medical data and health insurance information, and Social Security numbers of some patients.
Nothing much has changed since then. In a recent report on February 05, 2019 we hear that Georgia-based EyeSouth Partners suffered data breach clocking 24,113 patient records. Nothing new in the modus operandi- the protected health information was compromised after an employee email hack.
Verizon’s 2018 Data Breach Investigations Report (DBIR) found that the healthcare industry was the only sector that had more internal actors (56 percent) behind data breaches than external actors (43 percent).
As reported in Health IT Security portal, on October 25, officials at EyeSouth Partners discovered an individual gained unauthorized access to an employee email account. Upon investigation, the officials secured the account and launched an investigation, and as history repeats, they and found the access began more than a month earlier on September 11.
EyeSouth worked with a third-party forensics team and found the security incident potentially breached patient names, health insurance carriers, and some account balance information.
The provider has since strengthened the effectiveness of the IT safeguards and confirmed the security of its systems.
Bryan Sartin, the Verizon Executive Director of Security Professional Services, once said “It is now the most prevalent form of malware, and its use has increased significantly over recent years. Businesses are still not investing in appropriate security strategies to combat malware—the cybercriminal is the only winner here”.
DBIR recommended that the healthcare industry should institute full disk encryption to protect sensitive information on devices and put in place policies and procedures to monitor access to protected health information (PHI).
Julia Sowells960 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.