The digitization of medical care has become a megatrend in recent years. It can be presented by the growing development of mobile medical care and the entire workflow of traditional medical care strengthening the degree of informational. Especially after the introduction of AI technology, the use of medical big data to assist diagnosis and the use of computer vision to analyze medical image pictures, it has also been confirmed to improve the diagnosis and treatment rate. Under ideal conditions, the current medical digitization is the best way to solve the inefficiency of medical resource allocation worldwide. Through long-distance communication between doctors and patients, the cost of long-distance migration during medical treatment can be saved. However, medical digitization brings more than just benefits. Its dark side, data leakage, is bringing unexpected results to the world.
Medical data has a higher value than other data, which has attracted a lot of attention from hackers. A healthcare organization in the Detroit area is warning patients that their information may have been compromised in a recent data breach. Beaumont Health, a network of eight hospitals through the Detroit area, stated that approximately 112,000 people’s names, birth dates, Social Security numbers, medical conditions, bank account data, and driver’s license numbers were accessed by an unauthorized third party. According to the researchers, this data breach was originated by a phishing attack launched on a Beaumont staff’s email account. Even though the organization has no idea if the data has been abused, they can confirm that this attacker had accessed those PII from May 23rd, 2019 to June 3rd, 2019.
According to Beaumont Health, the incident involves information about less than 5% of the 2.3 million people that the medical organization has treated in the nearly 12 months since the attack occurred. The attack launched in several months before U.S. facilities started responding to the COVID-19 outbreak. As healthcare workers are rush to treat patients affected by COVID-19, hackers are taking this opportunity to steal patients’ PII and ask for ransom. Sometimes the attackers would even ask for a lower ransom.
LIFARS’ Incident Response and Digital Forensic highly skilled team of professionals will effectively manage data breach response, examine digital evidence and compromised systems for forensic artifacts of threat actor actions, lateral movement and data exfiltration, including social security numbers, driver licenses, health records, or any other sensitive data. Our skilled investigative team leverages knowledge from previous investigations to better understand an attacker’s lateral movement through an enterprise using attacker exploitation techniques, tactics and procedures (TTP) and collected set of Indicators of Compromise(IOCs). Communication with executives and board is done on a daily basis.
- Military Precision: We strike with military precision execution to identify and contain the threat upon arrival for the prevention of further damage to your brand and reputation.
- Consummate Investigation: Our experts guide you step by step through the entire process of an Incident. Poised, streamlined communications throughout our in-depth investigation.
- Recovery and Post Incident Reporting: We will work with your internal IT teams to undergo a complete infection removal process and provide a thorough and diligent threat conversion.