[ad_1]
PLANTATION — Akumin, a large South Florida-based outpatient diagnostic imaging services company, has been hit with a ransomware attack that has compromised the health information of hundreds of thousands of patients.
Along with imaging, the company headquartered in Plantation performs medical scans as well as radiology and oncology services for about 1,000 hospitals, health systems and physicians groups in 48 states, according to its website. In Florida it has offices in the South, West, Central and North areas of the state.
Akumen first noticed suspicious activity on Oct. 11 and shut down its computer systems. The imaging centers immediately turned away patients and stopped scheduling appointments in eight states, including as many as 50 locations in Florida. As of Tuesday, the centers still were not operating, leaving patients unable to get scans and doctors unable to see images for diagnosis.
“We have temporarily postponed most of our clinical and diagnostic operations until we can restore our systems in a safe and secure manner,” Akumin said on its website. “Access to certain imaging results from prior years may be currently unavailable.”
Danielle Fine of Davie had desperately tried to make an imaging appointment at Akumin for more than week. She had a hip MRI at Akumin a year ago and, in pain, she wanted another to compare to see if it had worsened. “Whatever location I tried, I kept getting a message that their systems were down and they are not accepting appointments. When I tried nearby centers, they were booked for weeks.”
Fine said not only is she concerned about her health and financial information falling into the wrong hands, she also worries about getting access to her medical history from Akumin. “Will there be a way to recreate my health file?”
Jeffrery White with Akumin investor relations said as soon as the company discovered suspicious activity it launched an investigation, hired cybersecurity advisers, and notified law enforcement.
“Based on the investigation to date, it appears likely that the attacker accessed files containing personal data, including Protected Health Information. We will notify any affected individuals in accordance with legal obligations. Investigations of this nature take time, and we appreciate the continued patience of all of our valued stakeholders,” White said in a written statement to the South Florida Sun Sentinel.
“A lot of things have to go wrong for Akumin’s system to be down since Oct. 11,” said cybersecurity expert Alan Crowetz, owner of Infostream in West Palm Beach.
Crowetz said ransomware typically scrambles information in a system and renders it unusable, with the attacker offering to release a program to fix the damage for a fee. All it takes is one employee to open a file that begins the damage. Many companies protect themselves from network security breaches, but plenty remain vulnerable, he said.
For the system to be down nearly two weeks, “either (Akumin) didn’t catch it quickly enough, or they didn’t have backups, or the ransomware encrypted the back up system as well,” Crowetz said. “Medical imaging files are big, so even if if they can recover them, it takes longer.”
Cyberattacks in healthcare are a growing national problem. The number of individuals affected by healthcare data breaches has spiked in 2023, making it by far the worst year for patient information security threats, according Modern Healthcare.
In July, a criminal group gained access to Tampa General Hospital’s computer system for three weeks. Its attempt to encrypt and ransom the hospital’s data was thwarted by internal security measures. Nonetheless, hackers still downloaded the personal data of 1.2 million patients. In July, Nashville-based hospital system HCA Healthcare reported a data security incident that may have compromised personal information from approximately 11 million patients, including millions of people in Florida.
“The reason why you are seeing this in healthcare is they are not as diligent about cyber security as they need to be,” Crowetz said.
As Akumin reels from the ransomware incident, forcing it to temporarily shut down operations, it also is facing financial difficulties, according to its public filings with the U.S. Securities Exchange Commission. The public company recently announced it is reorganizing under Chapter 11 bankruptcy and brought in a chief restructuring officer to help it through the process. Akumin also has been notified it will be delisted from NASDAQ as of Oct. 26.
Sun Sentinel health reporter Cindy Goodman can be reached at [email protected].
[ad_2]
Source link