Post-Breach Financial Breakdown

It is clearly proven on a daily/hourly basis that cyber-attacks will not slow down; with ransomware leading the hacker’s choice of malware techniques. So, who really loses in these attacks? In most cases, the business and corporate owners. A million dollar ransom of frozen networks, even if negotiated down, will put many companies on their heels, if not out of business.

A pair of recent lawsuits have been filed on behalf of former and current Scripps Health (Scripps) patients, who allege their personal information may have been compromised during the ransomware attack on the San Diego California based health care system affecting many in the US.[1]

The civil complaints filed 21 June 2021 in US Federal Court and allege Scripps did not properly safeguard its patients' personal information stolen in last month's cyberattack, even though Scripps should have been "on notice" of the potential risk due to similar incidents occurring in the health care industry.

Scripps announced earlier this month it was notifying more than 147,000 people that their personal information was affected, though the health care system said there has been no indication that any data was used to commit fraud. Something they have no idea about or won’t admit. Despite that, the plaintiffs allege they, "are at imminent and impending risk of identity theft" that "will continue for the rest of their lives."

Scripps, which did not respond to requests for media inquiries regarding the lawsuits, previously stated it would be providing complimentary credit monitoring and identity protection support services "for the less than 2.5% of individuals whose Social Security number and/or driver's license number were involved."

One of the complaints alleges that the service, "does not and will not fully protect the patients from cyber criminals and is largely ineffective against protecting data after it has been stolen" and states cyber criminals will hold onto the stolen data until "long after victim’s concerns and preventative steps have diminished."

The plaintiffs are seeking unspecified damages and for Scripps to implement a number of preventive measures to bolster its cybersecurity. So, not only was this health care system hit with a cyber-attack, now they are getting sued for an “unspecified” amount of damages.[2] These ‘damages’ could result in millions of dollars lost to Scripps. Any company is susceptible to this double whammy financial hit.

In the State of Iowa, the records of roughly 500,000 patients of an eye clinic with locations throughout Iowa may have been stolen as part of a ransomware attack on the business last February. The Wolfe Eye Clinic (WEC) admitted that its computer network was attacked on 8 February 2021 by hackers who demanded a ransom to unlock access to its systems. WEC said they did not pay the hackers.[3]

The company plans to notify affected patients that their information may have been stolen and offer them a year of credit monitoring and identity theft protection services. Company officials said an investigation into the hacking revealed last month that patient records ‘may’ have been compromised. Is WEC the next defendant?

On 17 June, the faith-based and nonprofit St. Joseph's/Candler, the largest health care system in the Savannah Georgia US area, was hit with ransomware. Doctors, nurses and staff had to make do with computer backup procedures, including the use of paper records, after a cyberattack prompted a shut-down of the hospitals' network. A hospital spokesperson said on 21 June that, "while we continue to investigate the incident, we’re working to get systems up and running as quickly and as safely as possible," he wrote. "Our priority is patient care, and our staff are committed to doing everything they can to mitigate disruption and provide uninterrupted care to our patients." A breach in the computer systems that was ultimately revealed to be a ransomware attack.[4] The hospital declined to reveal if ransom was demanded or how much. Patient care is always number one, but you can bet St. Joe’s attorneys are working over-time to protect the corporation.

These are just recent glaring examples of cyber-attacks to health care facilities and systems. Yet ALL critical infrastructure and key resources in any country are now targets of criminal and state sponsored hackers.

Cyber attackers have become extremely brazen and are attacking all levels of corporations, health care, governments and critical industry institutions that were previously somewhat out of bounds. Shutting down any agency or company for any length of time would be devastating creating havoc in the legal system and could bankrupt many small to medium businesses. An ounce of prevention is ALWAYS worth a pound of cure.

Red Sky Alliance strongly recommends ongoing monitoring from both internal and external perspectives. Internal monitoring is common practice and very important, however, external threats are often overlooked and can represent an early warning of impending attacks. Scripps could have, or now, be using our RedXray tool to find dark web information of their cyber-attack. Red Sky Alliance can provide both internal monitoring in tandem with RedXray dark web notifications on external threats to include, botnet activity, public data breaches, phishing, fraud, and general targeting.

Red Sky Alliance is in New Boston, NH USA. We are a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the lab directly at 1-844-492-7225, or feedback@wapacklabs.com.

Interested in a RedXray subscription to see what we can do for you? Sign up here: https://www.wapacklabs.com/RedXray