Singing River Health System Discloses Data Breach Affecting 253,000 Patients | #ransomware | #cybercrime

In what is becoming an alarming increase in cyberattacks on healthcare providers, Singing River Health System, based in Ocean Springs, Miss., has disclosed a significant data breach that has affected over 253,000 patients. The breach, which was the result of a ransomware attack on August 19, 2023, was carried out by the Rhysida ransomware group. The group compromised a total of 252,890 data files.

Ransomware Attack on Singing River Health System

The Singing River Health System, a not-for-profit healthcare organization, operates three hospitals and over a dozen medical clinics serving the Mississippi Gulf Coast. According to a report published on Bank Info Security on January 15, the cybercriminal gang Rhysida claimed responsibility for the attack, which severely disrupted the entity’s IT systems.

This disruption significantly affected patient services including laboratory and radiology testing and the Epic electronic medical record system, impacting both hospital operations and patient care. The attack caused the network to go offline for several days, adding to the chaos and confusion.

Scope of the Breach

Investigations into the incident revealed that the unauthorized access to the system occurred between August 16 and 18, 2023. The breach compromised a vast amount of patient data, including sensitive and personally identifiable information (PII). The compromised data includes patient names, birthdates, addresses, Social Security numbers, and medical information.

Response to the Breach

Once Singing River Health System discovered the attack, they reported it to federal regulators. Initially, the breach was reportedly affecting only 501 people. However, further investigations uncovered that the actual number of affected individuals exceeded 250,000. This startling revelation brought into stark focus the severity of the breach and the extent of the damage caused by the Rhysida ransomware group.

In response to the breach, Singing River Health System has offered affected individuals 12 months of complimentary identity and credit monitoring to help mitigate the potential consequences of the breach. In addition, The Lyon Firm, specializing in data breach investigations, is offering free consultations for potential legal action regarding the breach.

Rhysida’s Increasing Attacks on the Healthcare Sector

The Rhysida ransomware group has been escalating its attacks on the healthcare sector since May 2023, with a total of 76 victims identified so far. The attack on the Singing River Health System is part of this worrying trend of increased cyberattacks on healthcare providers.

These attacks not only compromise sensitive patient data but also disrupt essential healthcare services, posing a severe threat to patient safety and healthcare delivery. Therefore, it is crucial for healthcare providers to invest in robust cybersecurity measures to protect patient data and ensure the smooth functioning of their services.

Source link

National Cyber Security