New Hampshire Healthcare Facility Suffers Ransomware, Followed by Security Breach
Health Management Concepts (HMC) of New Hampshire recently suffered a ransomware attack. The variant has not been disclosed to the public, but HMC officials did report they paid an undisclosed ransom amount.
Before going on, it should be noted that paying the ransom demands is a terrible idea. First, there are no guarantees the hackers will provide a decryption key. Second, it sets the precedence that ransom demands will be paid, making the organization a target for future attacks.
Now, to be fair, in this particular instance, a decryption key was provided that unlocked all of the locked files. However, there is speculation that paying the hackers could have led HMC to inadvertently providing confidential patient data to the hackers. But how?
CoveWare, a ransomware recovery firm, suggested to Health IT Security, that an encrypted file may have been sent to the attackers to demonstrate that they indeed could decrypt the file if the ransom was paid. Again, that is just speculation.
Regardless, the hackers got their hands on patient names, social security numbers, and insurance plan data. Therefore, this means a double payday for the hackers. Not only did they obtain the information they can sell on the dark web, they were paid to provide a decryption tool for files they themselves infected.
HMC said in a letter to the New Hampshire Attorney General,
“To help prevent this type of incident from occurring again, HMC is adding enhanced security protocols to its current server, including removing access to the server through Remote Desktop Protocol. It also is migrating its server to another cloud computing service, which will provide additional security.”
Other Ransomware Attacks
For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.