• Cyber Security
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware File Recovery
    • Ransomware Types
  • News
  • Tutorials
  • Ransomware TV

A Ransomware Attack on Private Healthcare Company Turns Into a Data Breach

September 5, 2018Simeon Georgiev

Health Management Concepts is a private healthcare service provider operating for decades. The company renders its clinical and other healthcare services in several states. Last month, the IT department of the organization identified a ransomware activity on the network targeting a server, which was used to share information with clients.

Instead of commencing its own ransomware removal activities, HMC paid the ransom money to obtain the decryption key from the attackers. The organization hasn’t declared the amount of money paid to the attackers. It is important to note that the company succeeded in decrypting the locked down files without affecting its day-to-day healthcare management services.

However, three days after the attack, the company found out that it had mistakenly provided a file to the attackers containing confidential patient information. The file contains the names, health insurance plans and social security numbers of the members of IBU, one of the clients of HMC.

HMC immediately notified the IBU and regulators about this unintentional data breach. HMC management is still trying to figure out how a client file was sent to the attackers. Ransomware removal experts think that the file might be sent by the organization’s IT guys before the payment of ransom to verify that the decryption key is valid.

After the attack, HMC has started to work on streamlining its digital security. The company is setting up an all-new backup on a different cloud storage service. Moreover, the access to company servers through Remote Desktop Protocols has also been prohibited in the newly devised security policy.  

The episode of HMC ransomware attack vindicates the position of law enforcement bodies and security experts that ransomware victims should not resort to ransom payments. An in-house ransomware removal measure by the organization would have prevented this inadvertent breach of confidential client data.

 

Simeon Georgiev
https://www.linkedin.com/in/simeon--georgiev/
I am a Cyber Security Enthusiast from Bulgaria. I like to write about malware and ransomware and global cyber attacks. You can reach me on Twitter @sgeorgiev1995 or Email: simeon10georgiev@gmail.com
Previous post Retailers: Another Valued Target for Ransomware Operators Next post Email is the Most Common Ransomware Delivery Method, a Survey Suggests.

Related Articles

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

January 27, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

Ransomware: 4 Types of the Latest Trend in Cybercrimes

February 1, 2018Simeon Georgiev
Ransomware: 4 Types of the Latest Trend in Cybercrimes

NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

February 1, 2018Simeon Georgiev
NonPetya Ransomware Caused Millions of Dollars Worth of Damage to Maersk

Latest on Ransomware TV

https://vimeo.com/399908876?loop=0

Recent Posts

  • Ways to Catch Cybercriminals
  • What Expertise is Required to Deal with Ransomware Removal?
  • Tips to Prevent Ransomware Attacks on Your Device
  • Ways to Store Your Data Securely
  • Software Available to Save Yourself from a Ransomware Attack

Stay Protected

Subscribe to our mailing list to get the latest cyber security and ransomware removal articles!

Thank you for subscribing.

Something went wrong.

Navigation

  • Cyber Security
    • Ransomware File Recovery
    • Ransomware Prevention
    • Ransomware Removal
    • Ransomware Types
  • News
  • Tutorials

Ransomware Attacks (Last 6M)

0

Connect & Protect

Facebook
Google+
LinkedIn
YouTube
Vimeo

More

  • BECOME A CONTRIBUTOR

MonsterCloud Reviews

© 2020 MonsterCloud.com. All Rights Reserved.