Cybersecurity

Retired FBI Special Agent speaks on current Ascension cybersecurity attack


NASHVILLE, Tenn. (WKRN) — A major class action lawsuit has been filed by a patient against Ascension Saint Thomas Hospital.

The lawsuit claims personal information, including birth dates, social security numbers, and health insurance, were illegally obtained due to the hack.


The plaintiff claims the hospital “failed to undertake adequate measures to safeguard the private information” of its patients.

Earlier this month, Ascension Hospitals experienced a cybersecurity attack, causing staff to operate under an implemented downtime procedure, meaning everything is tracked by hand.

As patients with Ascension hospitals continue to seek care, a retired FBI Special Agent told News 2 there are things current patients can do to protect their information.

“When the bad guys steal your stuff, law enforcement isn’t coming in with a magic wand to get your stuff back, your money back, your files back,” retired FBI Special Agent Scott Augenbaum said. “Putting the bad guys in jail is really, really hard because they are located overseas.”

Augenbaum explained that he was not shocked when he heard of the Ascension ransomware.

“The problem with healthcare is with the cyber criminals continuing to target healthcare, healthcare is looking at cybersecurity as a cost, not an investment,” Augenbaum said.

Augenbaum told News 2 that when he worked with the FBI Cyber Crime unit, he regularly dealt with healthcare cyber security hacks and ransomware.

“All these systems need to be patched,” Augenbaum said. “They need to have the latest technology updates. A lot of times, the organizations don’t know where their information is located. It’s all over the place. It’s in the cloud, and it makes it very, very challenging, and the cybercriminals are able to find this vulnerability in systems, and they are able to exploit them.”

He added that a significant percentage of entry points for hacks are usually preventable.

“Almost 90% of what I dealt with easily could’ve been prevented if my end users were only armed with, what I like to call, a cyber secure mindset,” Augenbaum said. “It’s not always about spending the money. It’s about making cyber security a part of our organization’s culture and our personal culture at home.”

⏩ Read today’s top stories on wkrn.com

For patients still under the Ascension Hospital umbrella, Augenbaum recommends patients freeze their credit with their credit agencies, think before they click, have a variety of passwords, and utilize two-factor authentication.

“When Blue Cross Blue Shield lost all of my information to hackers, I had no choice,” Augenbaum explained. “What was I going to do? Go to a different healthcare plan? Unfortunately, we are all at the mercy of the healthcare organizations, and they need to step up.”

The last update Ascension Hospital released was last Tuesday, saying in part, “Ascension continues to work with industry-leading cybersecurity experts to investigate the recent ransomware attack and to rebuild and restore our systems securely.”



Source

Related Articles

Back to top button