Patient records were placed at risk due to a recent ransomware attack on a Virginia dermatology clinic…
A Reston, Virginia dermatology clinic was hit with ransomware in June, leaving over 13,000 patient records at risk. Professional Dermatology Care is offering identity protection services to the patients who were affected. The clinic is also encouraging these patients to monitor their credit. According to Health Data Management, the information that could be exposed included patient names, addresses, birthdates, social security numbers, Medicare numbers, medical and billing information.
It is not being reported if the clinic was able to remediate the issue on their own, or if they ended up paying the ransom to gain access to their records. The ransomware variant that attacked Professional Dermatology Care is also unknown.
If you ever find yourself a victim of ransomware, we encourage you to follow these five steps:
- Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking. Use your back up files to restore your systems. Again, don’t pay!!
- Inform the FBI – By informing the FBI they can investigate to potentially bring legal action against the hacker. All cyber criminal activity should be reported to the federal IC3 agency. You can file a complaint with them here.
- Notify your current security software company – You also MUST inform your security software company. If they didn’t know they missed a malicious attack, they cannot stop it in the future. Also, many anti-virus software companies share their blacklist, or the list of known bad files. So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
- Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter. This cannot be further from the truth. Continued education on current cyber security threats is imperative. We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security. As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
- Reevaluate your security software protection – If your security software failed you, perhaps you should look for an alternative security option. The United States Computer Emergency Readiness Team (US-CERT) strongly advises using a whitelist security technology. For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology. For enterprise use, there is PC Matic Pro, which offers advanced security protection with proprietary whitelisting technology.
For a list of other ransomware attacks that have taken place in 2016, click here.
We have also generated an interactive map that includes all of the ransomware attacks within the United States that have occurred this year.