Namaste Health Care alerts patients to security breach
ASHLAND - Namaste Health Care alerted 1,600 patients to a security breach that happened the weekend of Aug. 12-13. A hacker installed ransomware on the system, compromising a database that, according to a press release, could potentially contain patients' names, addresses and social security numbers.
Namaste's business manager, Theresa Early, said she does not believe the hacker actually accessed or viewed any of that information.
"As far as we can tell, no data was actually viewed. They just wanted a reward essentially. They wanted that payment," Early said.
Early said she noticed a user she didn't recognize logged onto the server on Aug. 14. She contacted the I.T. department but, because the attack happened over the weekend, said it was too late.
"They had installed a cyber attack malware with a lock file extension," Early said. "It locked up our file server and, unfortunately, our attached backup, before we got it disconnected."
Michael Hendrix, service administrator for Midwest Computech, said, in this situation, there is only one outcome.
"If you have a backup running, you can restore from the backup, but if you don't, there is no way to get access back except to pay," Hendrix said.
Namaste paid 1/2 a bitcoin to the hacker in order to access its system again. Based on August exchange rates, that is equivalent to about $2,500.
Early said Namaste was already in the process of upgrading its server.
"We had already started that process before August, so we've upgraded everything since then," Early said. "Not only our server but our firewall, access and our passwords, permissions and everything else."
Hendrix said most businesses have safeware and firewalls installed, but hackers can get around those safeguards through emails and spoofing web addresses. He said the most important takeaway is user education.
"Sometimes it can appear like an email, like from FedEx, saying 'Click here to track your package,' but when you click it downloads the malware," Hendrix said. "People need to be aware of what the email looks like. You should always be suspicious if you don't know where it came from, if there are misspellings in the email and if it just looks sketchy."
Hendrix said hackers are not going to discriminate. They can target anyone and everyone.
"They get ahold of email lists and just blast it out to everyone on there," Hendrix. "There'll be a splash screen that says, 'You've been compromised, pay or you can't get this information back."
Early said the breach has not taken much toll on the day to day work at Namaste, but the process of working with attorneys and insurance companies has been long and stressful.
"I'm just astonished how long things like these take," Early said. "It's still not over and it probably won't be for a while."
Early said Namaste was able to minimize its losses.
"Luckily, the owner of Namaste was smart enough to add cyber security insurance onto the malpractice insurance we have," Early said. "I believe our insurance will pay for everything, but it's a long and chaotic process. I'm still getting bills so its too early to tell."
Early said patients have been understanding. Namaste has set up a call center for patients to ask any questions they may have regarding the breach. According to a press release, it is also "offering affected individuals the opportunity to have AllClear ID protect their identity for 12 months at no cost to them."