[BreachExchange] Clinic discovers network breach that lasted 15 months

Audrey McNeil audrey at riskbasedsecurity.com
Thu Jul 20 20:21:41 EDT 2017 

http://www.hiewatch.com/news/clinic-discovers-network-
breach-lasted-15-months

Cyber attacks on healthcare IT systems are headline-grabbing events that
can lead to exposure of patient data, service disruptions, time-consuming
recovery processes, and high costs in the form of paying a ransom or
spending money on new servers, security systems, or consultants.

But that’s only when providers are aware their network and data has been
breached. Perhaps even more chilling is the prospect that a system breach
has gone undetected for months or even longer. Such was the experience of
Peachtree Neurological Clinic (PNC), which discovered a 15-month breach as
the Atlanta-based provider was investigating a recent ransomware attack.

In a notice to patients, Dr. Lawrence Seiden, a PNC managing partner,
explained that the clinic was able restore its files and the functionality
of its system through backup records in the wake of the ransomware attack.

“Subsequent scans of our system show no further sign of the ransomware,”
Seiden wrote. “However, through our investigation of the incident, we
discovered that our computer system previously had been accessed without
our knowledge by unauthorized individuals not affiliated with PNC between
February 2016 and May 2017.”

Seiden said the clinic was unable to determine which, if any, patient files
or information were accessed during the 15-month-long breach, but noted
that a patient’s “name, address, telephone number, social security number,
date of birth, driver’s license number, treatment or procedure information,
prescription information, and/or healthcare insurance information” could
have been exposed.

"We take patient privacy seriously and are very sorry for any concern or
inconvenience this incident has caused or may cause to anyone who has been
affected," Seiden said.

Uncovering a longstanding or ongoing healthcare system breach is not
without precedent. Excellus Blue Cross Blue Shield divulged in August 2015
what Wired called “a nearly 2-year old intrusion campaign in its network
that gave hackers access to potentially all its customers' records.”

Excellus said the breach may have begun as early as December 2013 and
potentially affected more than 10 million patients.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170720/f64afbc7/attachment.html>

More information about the BreachExchange mailing list