Memorial Health System Suffers Ransomware Attack, Data Theft

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360

Memorial Health System Suffers Ransomware Attack, Data Theft

Memorial Health System, a healthcare non-profit, disclosed suffering from a ransomware attack, encrypting their endpoints and forcing staff to work with pen-and-paper charts. 

The ransomware group Hive is allegedly responsible for the attack. The encryption of the IT environment forced the cancelation of numerous high-priority surgeries and radiological examinations. Although Memorial Health System president and CEO Scott Cantley stated on Sunday that patient and employee data remained unaffected, BleepingComputer found evidence indicating that databases containing sensitive information for 200,000 patients were stolen. 

For more, we turn to the cybersecurity experts. 


Memorial Health System Suffers Ransomware Attack, Data Theft

Josh Rickard

Josh Rickard is Security Solutions Architect at Swimlane.

“Since the onset of the COVID-19 pandemic, we have seen cyber-criminals take advantage of healthcare organizations again and again as new waves and variants persist. Healthcare organizations face unique challenges when looking to efficiently manage information security due to their large, distributed networks and complex electronic health record platforms that store highly sensitive protected health information.

In addition to the trove of unique data present, hospitals are also an appealing target for ransomware groups because they can’t afford downtime and are therefore viewed as more likely to pay the ransom quickly. In the case of Memorial Health System, urgent surgical cases and radiology exams were forced to be canceled due to the attack. Security operations within healthcare organizations are increasingly investing in ways to automate and centralize their detection, response, and investigation efforts into a single platform. This allows them to better visualize their effectiveness and further understand what is not working within their environment(s).

Even after access is regained following a ransomware attack, potential penalties for failure to detect and report on improper access create a long path to recovery. By leveraging the power of automation, these institutions can orchestrate their incident response and breach reporting processes to improve the…