A Southern California hospital reports that some malicious hackers had access to information about donations and specific patients, but did not believe the information had been made public.
Like many other nonprofits and medical providers, Methodist Hospital of Southern California uses Blackbaud Inc. to host the institution's fundraising bases.
Blackbaud was the victim of a ransomware attack between February and May 2020, when hackers stole data from the company's network and then threatened to block access to its data. company and its hundreds of customers, unless paid ransom they asked for.
Donor information, along with a limited amount of patient information from Methodist Hospital in Southern California, was part of a subset of stolen data, the hospital said in a press release.
Although hackers only had access to the hospital's information, they may have seen their full names, telephone numbers, e-mail, the birth dates, the sexes, the medical records numbers and possibly the date of admission to the patients' hospital, the press release says.
In collaboration with law enforcement, Blackbaud said it paid the ransom to obtain access in its files and received confirmation that the copy of the files had been corrupted.
"Blackbaud has assured the Methodist Hospital of Southern California that it has no reason to believe that the data beyond this crime "were published in cyberspace," the hospital's news bulletin said.
Blackbaud has hired a team of third-party experts to monitor the dark web - a part of the internet hidden from the general public where information sold or offered for free - to ensure that the data will not be further disseminated.
Attacks like these have become more common in recent years as hackers have turned their attention to vulnerabilities in corporate and government networks, stealing data and locking companies out of their own systems, unless they pay the ransom they demand.
If they refuse to pay, these so-called ransomware gangs publish the data publicly on the dark web, ZDNet reports. Most choose to pay, despite concerns that this may simply be the case encourages hackers to make more attacks in the future.
Source of information: pasadenastarnews.com