WatchPoint Security Blog

Another Healthcare Ransomware Attack in California

Written by Greg Edwards | October 06, 2016


Marin Healthcare District recently became the latest victim of a ransomware attack in California. Marin Medical Practices, the company that provides the Greenbrae, California-based district with business and healthcare system services, paid the ransom for an undisclosed fee. However, a failed backup system caused the company to lose clinical information collected in a two-week window at the district’s nine medical centers.

5,000 Patients’ Information Lost

An investigation into the attack that was discovered on July 26th revealed that the patients’ personal, financial or health information wasn’t accessed, viewed or transferred. As the healthcare district was restoring its systems, their backup failed, causing them to lose 5,000 patients’ information collected between July 11 and July 26. The information lost includes vital signs, limited clinical history, documentation of physical exams and communication records between patients and providers.

While the information lost wasn’t due to the ransomware attack, Marin Healthcare District CEO Lee Domanico ensured that the organization will strengthen their cybersecurity. “Our community can rest assured that the Marin Healthcare District will continue to work side by side with our vendors to ensure that all of our data is protected with today’s most advanced technology to reinforce their security systems against the most aggressive threats,” Domanico said in a statement.

Marin Healthcare is not alone; an Urgent Care Clinic in Oxford, Mississippi also reported yesterday (Oct. 4) that they had been hit by ransomware malware. The ransomware attack, which has been traced back to Russian hackers, occurred sometime in early July. However, the attack wasn’t discovered until August when an employee discovered that the servers were running slowly. The FBI was contacted, and the incident is still under investigation. While it’s unclear how many patients were affected by the breach, it’s very likely that patient data including names, social security numbers, dates of birth and other personal information was stolen.

Hollywood Presbyterian Medical Center in LA, Methodist Hospital in Henderson, Kentucky, and the Kansas Heart Hospital have also grabbed headlines as victims of ransomware.

Ransomware: The Most Persistent Cybersecurity Threat

Since the beginning of 2016, more than 4,000 ransomware attacks have occurred daily, a 300 percent increase over the approximately 1,000 attacks per day in 2015. Cybercriminals often gain access to the organization by tricking a user to disclose a password or click on an email attachment that contains malware. Prevention is the most effective defense against ransomware, and it is critical to take the necessary precautions to protect your company’s cybersecurity well-being.

Fortunately, WatchPoint has a solution to protect you from the prevalent threat of ransomware. CryptoStopper.io monitors your shared files and detects and isolates the attack the moment ransomware hits your network. An alert is sent to the administrator and the host is disconnected from the server.

While it is important to put as many barriers in place to prevent malware from hitting your network, there is nothing that can keep you 100% safe. Prevention is key, but protection is a must. Check out CryptoStopper.io to see how WatchPoint can protect your business from ransomware.

WatchPoint regularly hosts CryptoStopper webinars.  To attend the next webinar register below.