Tri-City Medical Center resumes nearly full operations after cybersecurity attack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Tri-City Medical Center in Oceanside is back up and running after spending more than a week with its operations severely impacted by a cybersecurity attack.

Silent since Wednesday, Nov. 15, the third party company hired by the hospital’s insurance company to take over all public communications during the incident said in a short statement released Tuesday that Tri-City restored its electronic health platform and resumed accepting ambulance traffic on Friday, Nov. 17. Sidelined elective surgeries and procedures have also been resumed.

Tri-City has not said what caused the attack, which began the morning of Thursday, Nov. 9. Employees have subsequently indicated that the breach involved ransomware, a kind of malicious software that demands payment in order to unlock encrypted digital assets and may also threaten to release stolen patient records on the Internet if monetary demands are not met.

More than a week into its investigation, no further information on whether any sensitive information was taken has been released.

If investigators discover that hackers made off with protected data such as financial details or medical records, the clock is already ticking toward mandatory disclosure.

Federal law requires health care organizations to notify any patient whose information was stolen “without unreasonable delay” and “in no case later than 60 days following the discovery of a breach,” and that notice must include “a description of the types of information that were involved.” If the records of 500 or more people are affected, medical providers are also required to notify the media.

How close is Tri-City to understanding what the attack’s ramifications are for the private information it stores? No public guidance has yet been given on when such information will be shared with Tuesday’s statement indicating only that the investigation continues with the assistance of law enforcement and “third-party cybersecurity specialists.”

“We will share relevant updates with our staff, patients and the community as more information becomes available,” Tri-City’s statement on Tuesday said.

The hospital was already struggling financially when the attack occurred, with its board of directors voting unanimously in late October to pursue a partnership agreement with UC San Diego Health. That agreement would form a new joint powers authority to operate the hospital, and Tri-City’s assets and liabilities would be transferred to the university health system. Might liabilities created by the cyber attack, such as the possibility of a class-action lawsuit, cool partnership talks?

Reached by email Tuesday, Patricia Maysent, chief executive officer of UC San Diego Health, said that the attack is not expected to impact the agreement.

Palomar Health, which operates hospitals in Escondido and Poway, reported a “slight bump” in the number of ambulance traffic and cardiac cases it received during the period when Tri-City operated in a state of internal emergency, though, because other hospitals in the area were also operating at capacity, “it is difficult to say exactly how much was related to the shutdown.”


Click Here For The Original Source.

National Cyber Security