
GandCrab Hits Another Healthcare Firm

The GandCrab ransomware has claimed another healthcare victim: a medical billing service in Massachusetts, US, has been forced to recover an encrypted server containing protected health information from backups. The service provider, which handles medical payment matters for at least 38 hospitals and clinics, was compromised in April 2017 via a poorly secured Remote Desktop Protocol (RDP) access point. The hackers were able to access information such as names, addresses, dates of birth, social security numbers, insurance information and medical diagnostic information. The service provider cannot confirm whether the personally identifiable information was exfiltrated, but noted that there was no further unauthorised access to the server until the ransomware was unleashed on 24 December 2018. Potential victims of the data breach are advised to monitor their account statements for unauthorised transactions.

