A huge data break has been informed by a Phoenix AZ-based healthcare company which has possibly affected 3.7 million people. The assault is the 2nd biggest cyberattack informed thus far in 2016, just second to previous month’s 9.3 million highest break on an as of yet unverified health underwriter.
Early accounts of the assault on Banner Health show that healthcare accounts weren’t the main objective. The attack seems to have been carried out to get credit card particulars. The attackers initially aimed a system utilized to manage credit card disbursements for beverage and food procurements. Access to the system initially appeared on June 17; nevertheless, as soon as access had been extended to the disbursement system, the wicked actors shifted laterally inside the system and accessed to servers utilized to store patient files.
In the retail segment POS attacks are usual, however, the attack indicates how safety weaknesses of all kinds can be abused and in what way they can help as a Launchpad for assaults on other segments of a healthcare system.
The assault upsets several Banner Health sites in Nevada, Nebraska, Colorado, California, Arizona, Wyoming, and Alaska. As per a break notification released by Banner Health, the occurrence was found out on July 7, 2016, following uncommon activity was noticed on the healthcare supplier’s system.
On July 13, the inquiry into the safety break disclosed that the break affected health plan members, patients, and food service clients. Banner Health found out that the ePHI of patients might also have been undermined in the attack. Originally, on or about June 23, credit card data – cardholder names, expiry dates, numbers, as well as CCC codes – were found out to have been retrieved. But, it soon became evident that more data had possibly been undermined. Patients’ names, dates of birth, dates of service, addresses, Social Security numbers, claims data, referring doctors’ names, as well as health insurance details, were also possibly accessed by the assailants.
The cyberattack demonstrates just how vital it’s to carry out a complete risk examination on all of the IT systems, even those which don’t have ePHI. The whole system should be assessed for safety weaknesses even if ePHI isn’t thought to be at instant danger of compromise. Cyberattacks are getting more refined and when network access is obtained, attackers might be able to travel laterally inside a computer system and also gain access to patient files.
