New Hampshire Healthcare Facility Offers Up Patient Data to Hackers

New Hampshire Healthcare Facility Suffers Ransomware, Followed by Security Breach

Health Management Concepts (HMC) of New Hampshire recently suffered a ransomware attack.  The variant has not been disclosed to the public, but HMC officials did report they paid an undisclosed ransom amount.

Before going on, it should be noted that paying the ransom demands is a terrible idea.  First, there are no guarantees the hackers will provide a decryption key.  Second, it sets the precedence that ransom demands will be paid, making the organization a target for future attacks.

Now, to be fair, in this particular instance, a decryption key was provided that unlocked all of the locked files.  However, there is speculation that paying the hackers could have led HMC to inadvertently providing confidential patient data to the hackers.  But how?

CoveWare, a ransomware recovery firm, suggested to Health IT Security, that an encrypted file may have been sent to the attackers to demonstrate that they indeed could decrypt the file if the ransom was paid.  Again, that is just speculation.

Regardless, the hackers got their hands on patient names, social security numbers, and insurance plan data.  Therefore, this means a double payday for the hackers.  Not only did they obtain the information they can sell on the dark web, they were paid to provide a decryption tool for files they themselves infected.

HMC said in a letter to the New Hampshire Attorney General,

“To help prevent this type of incident from occurring again, HMC is adding enhanced security protocols to its current server, including removing access to the server through Remote Desktop Protocol. It also is migrating its server to another cloud computing service, which will provide additional security.”

Other Ransomware Attacks

For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

1,502 total views, 27 views today

(Visited 725 times, 1 visits today)

2 thoughts on “New Hampshire Healthcare Facility Offers Up Patient Data to Hackers

  1. I lay the blame at the feet of the politicians. More and More of the American people’s data are being laid out to the hackers and the Government hasn’t forced or demanded any accountability. Laws need to be written or whatever that medical, insurance and many other industries need to be held accountable to protect the publics key data!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.