PHI of 44,600 Patients of Golden Heart Administrative Professionals Compromised Due to Ransomware Attack

The Golden Heart Administrative Professionals located in Fairbanks, AK serves as a business associate to local healthcare providers by providing invoicing as a service. It suffered a ransomware attack lately and is notifying 44,600 people that unauthorized people possibly accessed certain portions of their protected health information (PHI) due to the attack.

The ransomware infected a server that carries the PHI of patients. The provider gave a press release directed to all clients saying that the patient data are assumed to be compromised.

Golden Heart already informed the federal and local law enforcement agencies concerning the ransomware attack. In the meantime, they are attempting to recover the files. This ransomware attack is the largest data breach reported to the Department of Health and Human Services’ Office for Civil Rights in July. It is likewise the second healthcare data breach that is reported in Alaska this month.

At the beginning of July, the Alaska Department of Health and Social Services pointed out that it had encountered a data breach because of a malware attack. The attackers downloaded a Zeus/Zbot Trojan in their system potentially allowing the attackers to access the PHI of about 500 people. There are recent reports that suggest ransomware attacks are going down because many cybercriminal groups are turning to cryptocurrency mining; nonetheless, it appears that healthcare companies are still being attacked by ransomware.

A week ago, LabCorp was attacked by a SamSam ransomware impacting on its circle of clinical testing labs. Luckily, LabCorp identified the attack quickly – about 50 minutes – right after it occurred. Systems were turned off to prevent considerable file encryption. There is no confirmed number of patients affected by the breach yet, although some information suggest that millions of patients were possibly affected.

Cass Regional Medical Center based in Harrisonville, MO suffered a ransomware attack, too, on July 9. The hospital staff could not access the communications system and EHR or electronic medical record system. Emergency cases of stroke or accident victims were redirected to other healthcare facilities. The attacker installed the ransomware in the server right after a brute force RDP attack.. It took 10 days to restore the EHR systems because of the attack.