Norton Healthcare Ransomware Attack Exposes 2.5 Million Individuals, Highlighting Growing Vulnerabilities in Healthcare Sector


In a recent data breach notification filed with Maine's attorney general, Norton Healthcare revealed that a ransomware attack in May exposed sensitive data on 2.5 million individuals. The Kentucky-based clinic and hospital group discovered the cyberattack on May 9 and later determined that ransomware was involved. The threat actors gained access to some network storage devices between May 7 and May 9, although the medical record system remained uncompromised.

This incident underscores the increasing vulnerability of healthcare organizations to ransomware attacks. According to the Department of Health and Human Services, ransomware attacks against healthcare entities have surged by 278% in the past four years. The agency reported in late October that "large breaches reported this year have affected over 88 million individuals, a 60% increase from last year."

The investigation into Norton Healthcare's cyberattack, concluded in mid-November, revealed that compromised data included names, contact information, Social Security numbers, dates of birth, health and insurance details, and medical ID numbers. Brett Callow, a threat analyst at Emsisoft, highlighted that at least 36 U.S. healthcare systems spanning 130 hospitals have fallen victim to ransomware attacks this year.

Norton Healthcare, which operates 8 hospitals and 40 clinics with over 20,000 employees and 3,000 medical providers, confirmed it did not make a ransom payment. The restoration of systems from backups began on May 10, and the healthcare group has not detected additional indicators of compromise.

The delayed disclosure, coming seven months after the intrusion was detected, highlights the intricate nature of post-incident investigations. Norton Healthcare explained that reviewing potentially exfiltrated documents to identify affected individuals and data types proved to be a time-consuming process.

As hospitals continue to face an alarming increase in cyber threats, the healthcare sector grapples with the need for enhanced cybersecurity measures to safeguard patient information and maintain the integrity of critical healthcare systems.
