The Los Angeles County Department of Public Health has been breached by a cyber-attack that has compromised the personal information of over 200,000 private individuals. This is the latest breach in a series of major cyber-attacks on the healthcare sector.
As with so many breaches, the Los Angeles County breach was the result of a phishing attack aimed at unsuspecting staff. The attack enabled a hacker to gain the log-in credentials of 53 public health employees and subsequently compromised the personal information of 200,000 patients.
According to the LA County Department of Public Health: “The information identified in the potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Med-Cal number, health insurance information, Social Security Number, and other financial information.”
Although not all of the information listed above was revealed in every individual’s case, the stolen cache of personal information represents a potential treasure chest for cybercriminals. Owning this level of personal information vastly simplifies identity theft and numerous other scams. These potentially include the blackmailing of individual patients who may not wish certain aspects of their medical history broadcast to work colleagues or their spouses and families.
Healthcare sector is an easy target
The healthcare sector in developed economies such as the US, the UK, and Europe is a relatively easy target for organized cybercriminal gangs compared to, for example, the finance sector, which has been working hard to stay a step ahead of cybercriminals for decades.
Part of the problem is that the healthcare sector was relatively immune from organized cyber-attacks until recently. Healthcare organizations were lulled into a false sense of security because cybercriminals were originally anxious to present themselves positively and swore off attacking healthcare. All that changed irrevocably last December, following actions taken against the infamous BlackCat ransomware group by the US Federal Bureau of Investigation (FBI).
As Cyber Intelligence reported earlier this year, the cybercriminal gang warned it was taking off the gloves, and BlackCat, which previously took pride in regularly announcing that it did not encourage or support affiliates who target crucial sectors such as healthcare, declared open season on the sector. Since then, healthcare breaches have followed fast and furious. In March, for example, Reuters reported a post on a hacker forum that claimed that UnitedHealth had paid a $22m ransom to BlackCat to recover access to data and systems encrypted by the group.
