Medical Hack
August 15, 2017 by

Los Angeles Hospital Targeted by Ransomware Attack

The Pacific Alliance Medical Center in Los Angeles has revealed it is the victim of a ransomware attack where attackers could have potentially breached health information of its patients.

In a disclosure, Los Angeles-based Pacific Alliance Medical Center has confirmed it learned of a compromise of its servers on June 14. The medical center shut down its networked computers to avoid a spread of the ransomware malware while turning to its incident and recovery procedures.

An initial forensic investigation by the healthcare provider’s IT team revealed several PAMC computers impacted by the attack before the virus was eventually removed to regain access to encrypted data. However, the healthcare provider’s notice did not reveal details of any ransom payments. Further, investigating officials did not rule out the possibility of any patient data viewed or stolen by the attackers.

The impacted server included records of personal and medical information belonging to patients. Specific information includes names, social security numbers, dates of birth, employment and insurance details, diagnoses, medical images and more. As things stand, there is no evidence to suggest that data was stolen. No financial information was stored in the targeted server.

“We have strengthened our virus detection and other systems and safeguards to prevent unauthorized persons from gaining access to our systems,” PAMC officials said. “We have also taken other steps to try to prevent similar incidents in the future.”

Hospital officials have since contacted the California Department of Public Health, the California Attorney General, the US Department of Health and Human Services’ Office for Civil Rights and the FBI to consult and inform the authorities of the breach. Still, the breach reporting tool has yet to publicly record the number of patients impacted by the breach. Recent changes to breach reporting guidelines places the burden of proof on providers, ensuring them to determine, with certainty, if hackers were able to access any private data.

As things stand, all PAMC patients are being offered two years worth of free identity theft protection services.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Robots are Now Vulnerable to Ransomware Attacks

Security researchers have put the spotlight on malware affecting humanoid robots with the first...

Read more arrow_forward

Free Decryption Tool Brings Respite to Victims of Aggressive Ransomware

A new and unusual family of ransomware has met its match after a ransomware tool backed by Europol...

Read more arrow_forward

Ransomware is ‘Modern-Day Extortion’, Says McAfee CEO

The chief executive of cybersecurity firm McAfee has labelled ransomware as the modern day answer to...

Read more arrow_forward