[BreachExchange] Life Healthcare reveals damage caused by data breach

Destry Winant destry at riskbasedsecurity.com
Tue Sep 1 10:08:53 EDT 2020


https://www.itweb.co.za/content/rW1xLv59YPGvRk6m

Life Healthcare Group, the second largest private hospital operator in
SA, says it has “substantially” restored its IT systems following the
cyber attack that crippled its operations in June and July.

The hospital group was hit by the cyber attack, in the midst of the
COVID-19 outbreak, in the second week of June.

Life Healthcare did not revealed the nature of the security breach at
the time and was forced to bring in external cyber security experts
and forensic teams “to advise and supplement internal teams and
capacity”.

In a trading update today, the hospital group says the attack has now
been contained and for the first time revealed how the attack impacted
on its operations.

“As previously communicated, the group’s southern African business was
a victim of a malicious cyber attack by criminals. The manual backup
processes, brought into effect as a result of the attack, impacted the
ability of the southern African operations during the month of June
and part of July 2020 to complete patient billing, submit claims to
medical aids, process supplier invoices and produce financial
results,” says Life Healthcare.

“The group was able to substantially restore its IT systems at the
beginning of July 2020 and has since then been able to materially
operate as normal.”

More entities in SA have been targeted by cyber criminals in recent weeks.

Last week, ITWeb reported insurer Lombard Insurance is working with
the Information Regulator and South African authorities after
suffering a data breach.

The company said independent ICT and forensic experts were working
with the insurer’s internal team to analyse the breach and
systematically restore the integrity of its systems.

The company reported the matter to authorities and an investigation is
under way.

Similarly, two weeks ago, Experian, a consumer, business and credit
information services agency, announced a breach of data which exposed
some personal information of as many as 24 million South Africans and
793 749 business entities.

In the same week, financial services provider Momentum Metropolitan
also confirmed it had been hit by a cyber attack.

Momentum said it became aware of a data breach on its network on 13
August and immediately activated its IT security incident plan, which
included the implementation of additional systems monitoring and the
reinforcement of its IT security strategy.


More information about the BreachExchange mailing list