Three attacks on healthcare institutions in the US and Singapore were confirmed in the last couple of days that resulted in patient data leaks.
Yesterday, Eskenazi Health hospital confirmed that the attackers behind the August 4 ransomware attack were able to access and steal patient data before the malware was deployed. The data was leaked online in the days following the incident.
After an attacker gained access to the system, the Indiana-based health system’s IT infrastructure was immediately shut down to prevent the spread of the attack. The attack affected operations of all Eskenazi Health care sites.
Despite an August 8 notice showing the electronic health record (EHR) downtime, officials with the health system noted that the incident did not affect patient care. They also noted that the system’s disaster recovery plans were in place for similar attacks.
Although the recovery efforts of the network are still ongoing, the facilities of Eskenazi Health are operating normally “with patient procedures and appointments underway.” The company noted that it is currently receiving COVID-19 vaccinations as usual.
However, the incident impacted the local Marion County Public Health Department and affected the ability of individuals to obtain birth certificates and death certificates.
Another attack against a private eye clinic in Singapore affected the personal data of about 73,500 patients this month. The information included details such as the patient’s name, address, phone number, and clinical notes.
The Eye & Retina Surgeons (ERS) clinic said it has not paid the ransom and that no credit card or bank account details were compromised.
Meanwhile, the local Ministry of Health has confirmed that the ministry’s systems are not connected to the private hospital’s systems and were not compromised by the cyberattack that occurred this month.
In the US, Atlanta Allergy & Asthma is notifying over 9,800 patients that their personal health information was compromised in a January data breach.
This database included patient names, birth dates, financial account numbers, Social security numbers, and treatment information.
The attack took place between January 5 and January 13.
“Upon learning of the issue, AAA immediately took steps to secure its network and mitigate against any additional harm. AAA worked very closely with external cybersecurity professionals to determine the full impact of the incident,” the firm said in a statement. “To date, AAA is not aware of any reports of identity fraud or improper use of any information as a direct result of this incident.”
