Texas-based OakBend Medical Center initially reported a situation that caused their phone and email systems to go offline as an “email hacking incident” to the Department of Health and Human Services. It has now been revealed that OakBend suffered a ransomware attack that has compromised personal and medical information of nearly half a million people. The totality of the incident has not yet been revealed, however, it is known that some individuals had their Social Security numbers accessed by the threat actors. The Daixin ransomware group has claimed responsibility for the attack and has requested a hefty ransom believed to be millions of dollars. Other than acknowledging the attack, OakBend has been relatively quiet regarding the incident, but they are cooperating with the FBI and has implemented additional security measures to help prevent issues from occurring in the future.
The medical sector continues to be a heavily targeted industry for threat actors. Organizations that operate within the medical space or provide products or services to the medical field should revisit their cybersecurity policies. It is advised that companies pair a trusted antivirus software with some type of endpoint monitoring solution and 24/7 monitoring by security operations in order to better protect their systems from intrusions that can result in data breaches. Having tested back-ups along with a recovery plan will make dealing with the effects of ransomware attacks possible without resorting to paying the attackers for decryption keys.