Approximately 1.3 million Patients have been victimized during a hacking incident in the State of Montana’s Department of Public Health and Human Services.

HIPAA SecuritySo far, there are no evidences that point to the stolen information being used inappropriately. Nevertheless, the state is providing identity protection insurances to possible victims. Families of deceased patients are also being notified by the state.

The breach was discovered after an independent forensic investigation that later on alerted the officials.  According to Jon Ebeit, DPHHS Officials noticed suspicious activities on May 15. What followed was the investigation conducted on May 22.

The Vice-president of cyber research at LightCyber, Eyal Firstenberg, says that, “The time gap between the initial breach and the detection, while outrageously long, is far from being a rare occurrence. In fact, once mission-driven attackers have established a stable beachhead they leverage legitimate existing network resources, like user credentials, for the next phases of the attack. They thus render traditional security controls, like AV, firewalls, and sandboxes useless. With no system in place to monitor the internal network in real-time, attackers are effectively allowed to explore, compromise, and exploit the network at their leisure.”

The attack has forced DPHHS to employ stronger preventive tools, including restoring the affected systems safely, adding more security software to protect existing sensitive information on servers, and effectively monitoring security practices. No specific detailing has been released by DPHHS regarding these expansions.

The Federal Bureau of Investigation and the Montana Attorney General have been notified by the DPHHS, despite there being no information about potential suspects.

Just some years ago, information breaches can be traced to human error; employees being careless in handling the network. Now, however, hackers have gained quite a momentum attacking the industry’s well of personal information. Health records are filled with useful information like Social Security numbers, credit card data, and addresses. In 2004, Verizon reported that 73% of healthcare breaches are results of physical theft and loss, insider misuse, and miscellaneous errors.

Michael Raggo, security evangelist at MobileIron openly expresses, “I will never say never, but the healthcare industry has seen a disproportionately low instance of cyberattacks, and rather a higher proportion of accidental data loss through well-intentioned but risky user behaviors on the device or lost devices. A major reason for a low instance of cyberattacks is because stringent HIPAA guidelines are a core part of the data security and compliance strategy of all healthcare organizations in the United States. That said, cyberattacks are increasing, as are the number of attack vectors organizations need to protect.”

The Office of Civil Rights reported 61 new breaches in mid-May. This affected more than 500 patients raising the 2014 tally to 992 victimized organizations, and 31,000 compromised patient information.

In April, another hacking occurred, this time targeting Dekalb Health’s website. Apparently, an overseas hacking group attacked the service provider operating the Indiana organization’s website. It was a case of phishing where hackers created a fraudulent page, resembling the legitimate site of the DeKalb Health Foundation. To make it more alarming, the real website was linked to the malicious fake one.

Another phishing scam in May affected Centura Health. This time, hackers targeted employees at the non-profit section of Mercy Regional Medical Center. About 1,000 patients have been notified.

It’s not wise to wait to be the next breach headline before reinforcing your security. Though monitoring your servers maybe a massive task to deal with, it is necessary if we want our clients to be at ease with whom they trust their sensitive personal information with.

Have questions about your healthcare IT security? LAN Infotech is here to help. LAN Infotech provides extensive coverage for healthcare agencies large and small. Please call us at (954) 717-1990 or email us at sales@laninfotech.com if you have any concerns about your healthcare IT security and support.

Fort Lauderdale Computer Networks
Network Services in Fort Lauderdale
Network Consulting in Fort Lauderdale
Fort Lauderdale Data Backup
Data Security Fort Lauderdale
 
Client Feedback

“We are a loyal LAN Infotech client and have had the pleasure of working with them on a major network infrastructure project. We find their network engineers to be knowledgeable regarding the latest hardware and software solutions. LAN Infotech is especially strong when it comes to network security issues.”

—Lisa Carman
Office Administrator
Siegfried, Rivera, Lerner, De La Torre & Sobel, P.A.
read more»

Featured IT Services Fort Lauderdale Articles

LAN Infotech Recognized as Leading Microsoft Marketing Partner Worldwide

The team of IT specialists from LAN Infotech are thrilled to announce that they have been recognized on Fifty-Five and Five’s Inbound Marketing Excellence Report as one of the top 250 Microsoft mark

Read more

Featured IT Services

IT Consulting Advice for Fort Lauderdale: Taking Care of Your Employees Is Taking Care of Your Business!

Quid Pro Quo An IT consulting firm in Fort Lauderdale will usually advise that you get what you give. This is the core principle which defines most working relationships. The employer gives the em

Read more

Featured IT Services

IT Services Business Advice: Do You Really Need a Management Consultant in Fort Lauderdale?

Eliminate the Middleman IT services in Fort Lauderdale need not cost an arm and a leg to provide services your own organization could source internally. You want a consultation agency willing to he

Read more

Featured IT Services