💰💣

St. Joseph/Candler Security Incident

June 17, 2021 1558 days ago Resolved

Incident Overview

Situation Description

St. Joseph/Candler hospital system experienced a ransomware attack in June 2021, impacting 1.4 million individuals and leading to significant reputational damage and potential HIPAA violations.

Event Types

Ransomware Malware / Destructive Attack

Industry Sector

Healthcare

Geographic Scope

National (Other)

Response Actions

Restored Systems from Secure Backups Implemented Advanced Authentication Enhanced Third-Party & Supply Chain Risk Management

Impact Analysis

Event Types (2 identified)

Ransomware Malware / Destructive Attack

Financial Impact

$0 USD

Records Affected

1,400,000

Data Types Compromised

PII (Personally Identifiable Information) Financial Data (Credit Cards, Bank Accounts)

Primary Impacts

Operational Disruption Reputational Damage Legal/Regulatory Penalties

Key Decisions Made

Implement a comprehensive backup and recovery solution to restore production workloads in minutes.; Utilize data vaults for isolated, immutable storage as an additional layer of defense against ransomware.; Leverage machine learning for data governance and compliance to automate sensitive data discovery and detect anomalies.

Technical Analysis

Attack Method

Unknown

Additional Information

Ransomware attacks and data theft can feel like a torrential downpour to businesses. As we mentioned in our blog Protect Your Data in the Ransomware Storm , cybercriminals have continued to evolve over the years, and are now targeting backups and exfiltrating mission-critical data to hold hostage. Organizations worldwide are not only having trouble keeping up with their tactics, but also effectively protecting their most valuable data. In June 2021, St. Joseph/Candler (SJ/C) hospital system experienced a ransomware attack that impacted 1.4 million individuals. SJ/C, one of the largest healthcare providers in Georgia, determined that hackers first gained access to their systems on December 18, 2020, deploying the ransomware attack on June 17, 2021. Further investigation revealed that files containing patient information such as addresses, dates of birth, social security numbers, drivers license numbers, patient account numbers, financial information and more were compromised. The ransomware attack not only led to potential HIPAA violation fines, but SJ/C suffered several patient lawsuits and ultimately significant impact to their reputation and brand. The Ireland public healthcare system, Health Service Executive (HSE), faced a similar attack in May 2021 . Investigation showed that hackers gained access to the network two months before the ransomware attack. Source: Inside Irelands Public Healthcare Ransomware Scare. Krebson Security, Krebson Security, 12 Dec. 2021, krebsonsecurity.com/2021/12/inside-irelands-public-healthcare-ransomware-scare. The first sign of trouble was on March 31, 2021 when antivirus software detected malicious software running on a workstation. But, because the antivirus software was only set to monitor, it did not remediate the situation and actively defend against the rogue softwares actions to spread further. On May 14, 2021, the hackers deployed Conti ransomware throughout HSE, disrupting services to hospitals and leading to a near...

... (truncated for display)

Quick Facts

Company:: St. Joseph/Candler
Date:: June 17, 2021
Status:: Resolved
Decision Maker:: nan
Position:: nan
Published:: 12/12/2021

Source Information

Original Query

Ireland Health Service Executive (HSE) final report on Conti ransomware attack recovery costs

View Original Source

Timeline

Information Published

12/12/2021

Incident Occurred

June 17, 2021 (1558 days ago)

Status: Resolved

Estimated resolution based on age

Actions

View Company Profile

Navigation

Quick Stats