[BreachExchange] GandCrab ransomware strikes Doctors’ Management Services

Destry Winant destry at riskbasedsecurity.com
Fri Apr 26 09:21:49 EDT 2019


https://www.scmagazine.com/home/security-news/ransomware/gandcrab-ransomware-strikes-doctors-management-services/

Doctors’ Management Services (DMS) was struck with GandCrab ransomware
on Christmas Eve last year, possibly exposing the PII of its clients’
patients.

Timothy DiBona, CEO of the Massachusetts-based medical billing and
services firm, said in a statementthat the attack was first noticed on
Dec. 24, 2018 when DMS’s files became encrypted with what was
determined to be GandCrab ransomware. An investigation indicated that
the initial foray into DMS’s system began on April 1, 2017, when entry
was made through a Remote Desktop Protocol attack on an individual
endpoint. However, no malicious activity was detected until the file
encryption began.

The company was presented with a ransom note, but DMS refused to pay
and instead rebuilt its files from backups, DiBona said.

The information contained in the affected files included names,
addresses, dates of birth, Social Security numbers, driver’s license
numbers, insurance and Medicare/Medicaid information and numbers, and
medical information, including some sensitive diagnostic information
of patients belonging to the company’s medical practice clients.

DiBona said the company does not believe any of the information has
been accessed yet, and that all the medical providers that were
affected have been notified.

“Since discovering the breach, we have changed our network security
system to limit access to our systems from outside of our network and
to improve our network security. DMS, in conjunction with outside
information security experts, is working to help prevent similar
occurrences in the future,” DiBona wrote.

The following is a list of the medical practices whose patient data
was involved in the breach:

- Anjum Baqai Associates
- Arcangel Neurological Consultants
- AT Care PLLC
- AUM Healing Center
- Bell Mental Health Associates
- Beverly Surgical Associates
- Bhealthy Primary Care
- First Choice Community Medical Services
- Holy Family Medical Specialty
- Lowell General Inpatient Specialists
- NE Pulmonary & Sleep
- New England Inpatient Specialists
- New England Pulmonary & Sleep Specialists
- Today’s Wellness PLLC
- Incare LLC
- Pricipes Medical Group
- Joseph Schwartz PLLC
- Neuro Institutue of New England
- New England Reconstructive & Aesthetic
- Northwoods Surgical, PLLC
- Pathways Healthcare LLC
- Peaceful Soul
- Personalized Medicine
- Pinnacle Medical Group
- Post Acute Cardiology
- Precision Surgical Specialists of Lowell
- Premiere Care
- Saxony Primary Care PLLC
- Sports Medicine Health LLC
- Surgical Group of Norwood
- The Wholeness Center
- Theresa M Smith Practice
- Thompson Medical Associates
- WLB Rehabilitation Medicine
- Heywood Athol Inpatient Specialists PLLC
- Winchester Hospital Inpatient Specialists
- Dutch Connection LLC
- New England Community Medical Services


More information about the BreachExchange mailing list