Dentist offices nationwide hit with REvil ransomware attacks – Digitalmunition

News Dentist offices nationwide hit with REvil ransomware attacks

Published on August 30th, 2019 📆 | 6261 Views ⚑


Dentist offices nationwide hit with REvil ransomware attacks

Dental practices
across the country found themselves locked out of their patient files after a
hacker group infected a pair of software providers with REvil, or Sodinokibi, ransomware.

The two
companies, The Digital Dental Record and PerCSoft, which created DDS safe to
provide medical records retention and backup services to dental offices, ponied
up the ransom for a decryptor that they have passed on to the practices
affected, according to a report
in ZDNet.

REvil, or Sodinokibi, which Fidelis Security Threat Research Team Senior Analyst Aamil Karimi wrote is “becoming increasingly popular” with a 12.5 percent ransomware market share and shows similarities to GandCrab, is the same ransomware used in recent attacks on 22 local and county government agencies in Texas.

seen escalating ransomware attacks targeting healthcare organizations for a few
years, but now dental offices need to worry about sensitive patient data being
exposed,” said Kowsik Guruswamy, CTO
at Menlo Security.

bottom line here is that ransomware attacks continue to evade existing security
products,” whose paradigm to “allow the good and block the bad” is outdated.

latest attacks raise what some see as long-ignored privacy issues for dental
practices. “Dental offices that file claims, verify eligibility, or make
digital treatment authorizations are operating under the HIPAA regulation and
must ensure they have appropriate security and privacy practices in place,”said
Tom Garrubba, vice
president and CISO, Shared Assessments.
“There is a perception that dental practices have been flying under
the OCR’s radar (the Office of Civil Rights investigates HIPAA violations) for
years and this announcement may bring this under renewed scrutiny.”

noted that “as more private dental practitioners migrate to larger
managed organizations, emphasis on adequate enterprise-wide security and
privacy practices should be top-of-mind for their senior leadership.”  

Source link

Tagged with:

Leave a Reply