Florida Medical Facility Suffers Cyber Attack
FABEN Obstetrics and Gynecology of Jacksonville, Florida, was the victim of a ransomware attack in November of 2018. The ransomware variant, GandCrab, infected a server, encrypting patient files from January 2007 to April 2017. The attack was executed through a malvertising campaign that targeted Adobe Flash or Windows VBScripting engine vulnerabilities to infect the devices. This is a prime example of how critical it is, to keep applications and operating systems updated. In addition, users should be running an application whitelisting antivirus to prevent the malware from running through these vulnerabilities.
Once the infection was found, FABEN officials stated they deleted the infected files in an attempt to minimize the impact of the attack. By restoring systems using their backup files, the medical facility was able to avoid paying the ransom demands. However, there was information, specifically from 2014 to 2017 that could not be restored.
Approximately 6,000 patients who visited FABEN from 2014 to 2017, whose records were lost, are being notified.
Although there is no evidence patient information was taken without proper authorization, FABEN officials are informing patients medical records have been deleted and potentially compromised as a result of the cyber attack.
Other Attacks
For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.