Image from Spectrum News |
The attack occured May 7-9. Norton spokeswoman Renee Murphy declined to tell WDRB how the incident was resolved. She said "We did not make any ransom payment" but would not say whether "the stolen information was returned as a result of an insurance claim," WDRB reports.
Last week, for the first time, Norton said it was the victim of a ransomware attack, had notified federal law enforcement officials and was "working with a respected forensic security provider to investigate and terminate the unauthorized access." It said its medical-record system and MyChart system for patients were not violated.
However, Norton said the accessed files included personal information "primarily" about patients, employees and dependents. "Impacted information varied from person to person, and may have included name, contact information, Social Security number, date of birth, health information, insurance information, and medical identification numbers, Norton said. Driver's license numbers and other government ID numbers, financial account numbers or digital signatures may have also been included in the data," WDRB reports.
Norton said "Individuals whose information may have been impacted can sign up for two years of credit monitoring by following the instructions in written notification letters that are being mailed." It urged them to "remain vigilant and continue reviewing account statements for unusual activity."
Adrian Lauf, a computer science and engineering professor at University of Louisville, told WDRB that the compromised information suggested that insurance fraud is a possible threat, so past Norton patients shoulkd watch out for fraudulent insurance claims.
"Lauf also said to err on the side of caution, and suggests contacting a national credit bureau to either submit a fraud alert and/or initiate a credit freeze," WDRB reports. "He also suggests to verify or double-check and unknown numbers or emails that contact you."
Norton said the incident's "nature and scope . . . required time to analyze, a process that was substantially completed in mid-November."
WDRB notes, "A hacker group called BlackCat claimed responsibility for the attack and leaked files as proof. . . . Employees' names, social security numbers and birth dates as well as patients' personal information, credit card numbers and medical history are contained in documents obtained by WDRB News and available publicly on the dark web, a corner of the internet accessible via specialized web browsers. They had not been redacted, and appear to be authentic.
"The documents appeared to show a large amount of Norton's financial information, including operating accounts and payroll accounts with a balance of tens of millions of dollars, credit card information, confidentiality agreements, patient imaging orders, vendor and bank information and business invoices. Norton serves about 600,000 patients a year with nearly $5 billion in assets."
No comments:
Post a Comment