44,600 Patients Affected by Ransomware Attack at Golden Heart Administrative Professionals

by | Jul 26, 2018

AK-based billing company, Golden Heart Administrative Professionals, a Fairbanks is alerting 44,600 people that some of their protected health information has potentially been obtained by unauthorized people due a recent ransomware attack.

The ransomware was placed on a server storing the PHI of patients. A press release issued by the company, which is a business associate of several healthcare providers in Alaska, said that “all client patient information must assume to be compromised.”

Local and federal law enforcement agencies have been informed of hacking incident and efforts are continuing to rescue files.

The Golden Heart Administrative Professionals ransomware attack is the biggest data breach experienced by a healthcare group in July, and the second major data breach to be reported by an Alaska-based healthcare group during the same month.

The Alaska Department of Health and Social Services announced, earlier in July, that it had been hit by a data breach due to a malware infection. The Zeus/Zbot Trojan – an information stealer – had been placed on their servers which potentially allowed the hackers to gain access to the protected health information of ‘more than 500’ clients.

Recent reports indicate ransomware attacks are becoming less common, with many cybercriminal gangs changing operations to cryptocurrency mining; however, there does not appear to be any drop in the number of ransomware attacks on healthcare groups.

Recently, LabCorp, the national network of clinical testing laboratories, suffered a SamSam ransomware attack. The attack was discovered within 50 minutes and systems were disabled to stop widespread file encryption. The ransomware was added to the servers following a brute force remote desktop protocol (RDP) attack. It is not currently clear how many individual have been affected by the incident, although some reports indicate that millions of patients’ PHI may have been impacted.

On Monday, July 9, Cass Regional Medical Center in Harrisonville, MO, suffered a ransomware attack that lead to its communications system and electronic medical record system being unusable. The medical center redirected ambulances for stroke and trauma victims to alternate healthcare facilities in order to address the situation. As with the LabCorp hacking incident the ransomware was placed on the server following a brute force RDP campaign. The electronic medical record systems were kept offline for 10 days due to the attack.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

COMPREHENSIVE HIPAA TRAINING

Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy