A ransomware attack on Netgain Technology, a cloud hosting and managed service provider, took place months ago but the list of impacted healthcare organizations is growing.
The Department of Health and Human Services’ Office for Civil Rights has received breach reports linked to Netgain incident include Woodcreek Provider Services LLC, which reported 207,000 patients affected; Apple Valley Clinic/Allina Health, which reported nearly 158,000 individuals affected; and Ramsey County healthcare company, which reported about 8,700 individuals affected. But the list goes on with thee organizations that didn’t file a report.
Another victim of the Netgain Technology incident is Crystal Practice Management, a vendor a provider of office management software for optometrists and vision therapy professionals.
Whereas Sandhills Medical Foundation, a medical company from South Carolina, reported a data breach to HHS OCR on March 12. Data of nearly 40,000 patients had been compromised in a ransomware attack on a third-party vendor, possibly Netgain, according to a DataBreaches report.
“The vendor’s investigation showed that the attackers used compromised credentials to access their system on Sept. 23,” Sandhills notes. “The attackers accessed Sandhills’ systems on Nov.15, 2020, and exfiltrated Sandhills’ data.”
Sandhills also notes in its statement that the vendor paid a ransom to attackers in exchange for having the data back.
Several other cloud vendors have been targeted by ransomware that impacted healthcare organizations.
A few days ago a healthcare company Personal Touch Holding Corp. confirmed data of its 753,000 patients, employees and former workers leaked in a January vendor attack.
Cybercriminals are increasingly attacking cloud vendors thus putting their clients at risk which increases the chances of getting a ransom.
“Cloud vendors are seen as holding high volumes of data – in particular, personal health data when the vendor serves the healthcare sector… The more such data, the more potential gain, in terms of both the size of the ransom to be paid and the value of the raw data,” said Kate Borten, president of The Marblehead Group, a security consulting firm.
