LVHN: Images of Cancer Patients Posted on the Dark Web After Cyberattack
The Lehigh Valley Health Network has reported that stolen documents and images of cancer patients are circulating on the dark web after a recent cyberattack. Three photos of cancer patients receiving radiation oncology treatment, along with seven other documents containing patient information have been posted online, the health network confirms. The leak follows a cyberattack that was discovered on February 6 by a ransomware gang called “BlackCat,” which the health network previously said is associated with Russia. At the time the attack was discovered, Lehigh Valley Health Network’s president and CEO said they refused to pay up on a ransom that was demanded by the group.
It was just this past January when the Department of Health and Human Services put out a warning about the group, saying BlackCat is a relatively new but highly-capable ransomware threat to the health sector that was first detected in November 2021. – Reference: 6ABC News
WISE WORDS FROM OUR IT DEPT.
Unfortunately, there is no magic solution to protect your systems and data. You must have a comprehensive, multi-layered approach and you need to adjust for the ever-changing challenges and potential threats.
Our Insight
At this time, there are no details as to how the hackers got into their system. We doubt they will release this information because it would open up the doors for others. Reading between the lines, it suggests the doctor’s office didn’t have multi-factor authentication (MFA) or device management enabled for their entire network.
If this was our customer, we would do an audit of their entire infrastructure and current security measures. And we would immediately increase the proper level of protection for their business. This would include MFA, firewalls, DNS, device management, phishing filters, and phishing training. In today’s digital age, cybercrime is on the rise, and businesses must take steps to protect themselves and their customers. Learn more about how to protect your business by reading the 2 articles below.
Audit Cloud Environments
Monitor Remote Access
Disable Unnecessary Ports + Protocols
Patch externally facing equipment
One-Time Passwords
Email Code
Biometric Authentication
Authenticator Apps
Own IT. Secure IT. Protect IT.
Let’s Talk Managed IT and Cyber Security
We emphasize accountability and the importance of taking proactive steps to enhance cybersecurity in the workplace and at home. Altek can analyze your current infrastructure, network security, and office technology to create a plan that aligns with your company’s needs while staying within a monthly budget.