Ramsey County and Crisp Regional Health Services Affected by Ransomware Attacks

Share this article on:

The County Manager’s Office of Ramsey County, MN has started notifying 8,687 clients of its Family Health Division that some of their personal information has potentially been accessed by unauthorized individuals in a ransomware attack on one of its vendors.

St. Cloud-based Netgain Technology LLC provides technology services to Ramsey County, including an application used by the Family Health Division for documenting home visits. Data within that application was potentially accessed and exfiltrated by threat actors prior to the deployment of ransomware.  The application contained information such as names, addresses, dates of birth, dates of service, telephone numbers, account numbers, health insurance information, medical information and, for a small number of individuals, Social Security numbers.

The attack appears to have been conducted with the sole purpose of extorting money from Netgain rather than to gain access to personal information; however, it was not possible to rule out unauthorized access or data theft.

Ramsey County was notified about the attack on December 2, 2020 and immediately stopped using Netgain’s services and applications and switched to backup processes. The attack has been reported to the law enforcement and steps are being taken to harden security to prevent further attacks.

Crisp Regional Health Services Hit with Ransomware Attack

Cordele, GA-based Crisp Regional Health Services has suffered a ransomware attack on January 27, 2020 that has forced certain systems offline. The attack disabled the hospital’s telephone system and staff had to resort to radios for internal communication. Patients and their family members were advised to make contact via social media while the phone system was down.

Steps were immediately taken to secure information and contain the attack and third-party cybersecurity professionals have been engaged to assist with the investigation and determine the extent and scope of the breach, and whether the attackers accessed or exfiltrated patient data.

Crisp Regional Health Services’ community relations and foundation director, Brooke Marshall, said “Workflow was never compromised, patient care was never compromised.”

The investigation is ongoing and further information will be released as and when it becomes available.

Vulnerability in Vaccine Scheduling Tool Allowed Individuals to Cut in Line and Book Vaccination Appointments

Beaumont Health in Michigan experienced a breach of its Epic COVID-19 vaccine scheduling application over the weekend of January 30/31. An unauthorized individual exploited a vulnerability in the platform and publicly shared an unauthorized scheduling pathway. That pathway was subsequently used by 2,700 individuals to book COVID-19 vaccination appointments.

Beaumont Health notified Epic about the incident on January 31, 2020 and both worked together to address the issue. All 2,700 individuals who cut in line have had their vaccination appointment cancelled. Individuals who met the eligibility criteria and booked legitimate appointments for a COVID-19 vaccination have not been affected.

Epic issued a statement confirming that the incident did not result in any unauthorized individuals gaining access to patients medical or hospital records.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On