SalusCare Hit by Cyberattack on Both its Patient and Employee Data
SalusCare suspects the cyberattack was committed via malware, probably phishing.
Already under pressure because of the COVID-19 pandemic, hospitals and healthcare-related interests have faced a mass of cyberattacks lately. On average, healthcare providers lose almost 7% of their customers after a data breach or cyberattack, which is the highest when compared to other industries.
The latest cyberattack happened during the week of March 15 and SalusCare officials said early indications show that it may have started overseas.
SalusCare is a Fort Myers, Florida-based not-for-profit mental health and substance abuse service provider incorporated in 2013 after the merger of Lee Mental Health Center and Southwest Florida Addiction Services (SWFAS) where individuals with substance use issues and addiction can find a “recovery family.”
SalusCare Attack Suspect: Most likely phishing
According to Heimdal Glossary, phishing is a malicious technique used by cyber criminals to gather sensitive information (credit card data, usernames, and passwords, etc.) from users. The attackers pretend to be a trustworthy entity to bait the victims into trusting them and revealing their confidential data.
The data gathered through phishing can be used for financial theft, identity theft, to gain unauthorized access to the victim’s accounts or to accounts they have access to, to blackmail the victim, and more.
Phishing is a common type of cyber-attack that everyone should learn about in order to protect themselves.
Heimdal® Email Security
- Completely secure your infrastructure against email-delivered threats;
- Deep content scanning for malicious attachments and links;
- Block Phishing and man-in-the-email attacks;
- Complete email-based reporting for compliance & auditing requirements;
The servers and all information on them, are intact and accessible to SalusCare. It seems that in order to gain access, the malware exploited a vulnerability in the architecture of their Microsoft 365 software, the mental health and substance abuse service provider declared.
Stacey Cook, SalusCare’s president, and CEO released this statement:
“While we can’t change what has happened, know that we are taking every measure necessary to protect our patient and employee data, and we apologize for this breach.”
Amazon was informed right after the cyberattack was discovered, and they have voluntarily suspended the perpetrator’s access to the stored data.
Officials said they hope to learn whether, and to what extent, information was removed from the Amazon buckets before access was suspended.
IT professionals and outside consultants working with SalusCare need access to Amazon’s “audit logs.” The mental health and substance abuse service provider stated they have filed a federal lawsuit against Amazon due to its denial to provide the information they need.
“We are particularly mindful of the impact it may have on our patients, many of whom continue to struggle with mental illness and the lasting effects of trauma,” an attorney for SalusCare said.
SalusCare is also following all reporting requirements and regulations outlined by state and federal law and is working with authorities to bring those responsible to justice.
Unfortunately, the healthcare sector is a preferred target amid cybercriminals as they are packed with lots of personal information and topped with many human errors in the organization.