More than 13,000 current and former patients of Mat-Su Surgical Associates (MTA) and Valley Surgical Associates are being made aware of a ransomware incident. The incident occurred on March 16th after MTA noticed that some files were encrypted, which caused access issues on their computer system. Third-party investigators were called in to help narrow down the cause and effects of the ransomware attack and while the exact number of files that were compromised is not known, they did discover the type of information that was accessed. This information included patient names, Social Security numbers, contact information, diagnoses, treatments, test results, health insurance details, and other care-related data. Passwords for every user have been reset and additional controls for remote access endpoints have been added to help reduce the risk of another attack happening in the future.
Companies who are affected by ransomware attacks should also consider educating their employees on how to spot phishing campaigns and the dangers that follow them. It is also important to make sure all systems receive patches as they become available because leaving outdated systems running on company networks can make it easier for threat actors to carry out attacks. A Security Operations Center (SOC) that monitors for intrusions around the clock can help mitigate an attack or even stop it before the attackers expand beyond initial access. Stopping attacks early is key because the longer an intrusion goes without being noticed, the more damage it will likely cause.