Ransomware Strikes – Leaves Patient Records Locked For Days

A Novato, California-based medical records company was hit with ransomware earlier this month, which left doctors unable to access patient records for days…

Marin Medical Practice Concepts, a medical billing and record service, based in Novato, California was hit with ransomware earlier this month.  Very little details are being released about this particular ransomware attack.  CEO of Marin Medical Practice Concepts, Lynn Mitchell, is being quite selective on what she is reporting.  Here is what we do know; earlier this month, the company was hit with ransomware which made physicians unable to access patient records for ten days.  The ransom demands were met in order to regain access to these patient records.  According to Mitchell, no patient information was compromised.

Here is what we do not know; what kind of ransomware that was utilized in this attack, the amount of ransom that was paid, and if Mitchell is accurate in saying no records were compromised.  The CEO is not disclosing how she knows information was not compromised.  We also do not know how many patient records were inaccessible, and if the company reported the attack to the FBI, Attorney General’s Office or the U.S. Department of Health and Human Services.

Here are the proper steps anyone, home or business users, should take if attacked by ransomware:

  1. Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking.  Use your back up files to restore your systems.  Again, don’t pay!!
  2. Inform the FBI – By informing the FBI they can investigate to potentially bring legal action against the hacker.  All cyber criminal activity should be reported to the federal IC3 agency.  You can file a complaint with them here.
  3. Notify your current security software company – You also MUST inform your security software company.  If they didn’t know they missed a malicious attack, they cannot stop it in the future.  Also, many anti-virus software companies share their blacklist, or the list of known bad files.  So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
  4. Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter.  This cannot be further from the truth.  Continued education on current cyber security threats is imperative.  We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security.  As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
  5. Reevaluate your security software protection – If your security software failed you, perhaps you should look for an alternative security option.  The United States Computer Emergency Readiness Team (US-CERT) strongly advises using a whitelist security technology.  For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology.  For enterprise use, there is PC Matic Pro, which offers advanced security protection with proprietary whitelisting technology.

For a list of other ransomware attacks that have taken place in 2016, click here.

We have also generated an interactive map that includes all of the ransomware attacks within the United States that have occurred this year.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles