Ransomware Attacks on Ramsey County and Crisp Regional Health Services and Vulnerability in Vaccine Scheduling Application

The County Manager’s Office of Ramsey County, MN has begun informing 8,700 customers of its Family Health Division regarding the potential access of some of their personal data by unauthorized persons brought about by a ransomware attack on its vendor Netgain Technology LLC.

Netgain Technology LLC based in St. Cloud offers technology solutions to Ramsey County, such as an application utilized by the Family Health Division for recording home sessions. Threat actors potentially accessed and exfiltrated information inside that application before ransomware deployment. The application included data like names, addresses, birth dates, dates of service, phone numbers, account numbers, medical insurance data, medical data and, Social Security numbers for some persons.

It seems that the attack was carried out with just one intention, extorting money from Netgain. It was not intended to get access to personal data; nevertheless, it wasn’t possible to eliminate unauthorized access or information theft.

Ramsey County was informed concerning the attack last December 2, 2020 and right away discontinued utilizing Netgain’s services and software and turned to backup procedures. The company reported the attack to the authorities and took steps to strengthen security to stop more attacks.

Ransomware Attack at Crisp Regional Health Services

Because of a ransomware attack on Crisp Regional Health Services based in Cordele, GA last January 27, 2020, the provider had to take selected offline. The attack impaired the hospital’s phone system and employees had to use radios for internal communication. Patients and their loved ones were instructed to get in touch with each other through social media whilst the telephone system was not available.

Steps were quickly taken to protect the data and to control the attack. Independent cybersecurity experts were called in to help with the investigation and know the scope and magnitude of the breach, and if the attackers got access to or exfiltrated patient information.

Director Brooke Marshall of Crisp Regional Health Services’ community relations and foundation stated that workflow was never jeopardized, nor was patient care compromised.

The investigation is still in progress and additional data will be reported as soon as it is available.

Vulnerability in Vaccine Scheduling Application Made It Possible for People to Cut in Line and Reserve Vaccination Appointments

Beaumont Health in Michigan encountered a breach affecting its Epic COVID-19 vaccine scheduling program on January 30/31. An unauthorized person took advantage of a program vulnerability and publicly distributed an unauthorized way of booking. That way was consequently utilized by 2,700 people to reserve COVID-19 vaccination appointments.

Beaumont Health informed Epic regarding the breach on January 31, 2020 and the two worked with each other to deal with the problem. The vaccination appointments of all 2,700 persons who cut in line were canceled. People who satisfied the qualification requirements and scheduled legit appointments for a COVID-19 vaccination were not impacted.

Epic gave a statement to confirm that the breach did not allow any unauthorized persons to get access to the medical or hospital files of patients.