Almost a week after the significant ransomware attack on the Ireland Health Service (HSE) network, the group responsible has started leaking patients’ medical and personal details online.
HSE publicly disclosed the attack on Friday, when the organisation announced that it had shut down its IT systems. The attack affected diagnostic services and forced many hospitals to cancel appointments.
The Financial Times claims to have seen screenshots and files, seemingly confirming that the Conti ransomware group is now leaking data onto the dark web.
Irish Prime Minister Micheál Martin has ruled out paying a ransom to the Conti cyber gang.
Healthcare organisations have been a major target since the start of the pandemic, and as a result need to ensure they take every precaution necessary to protect patient data. Hundreds of hospitals, medical offices, and imaging centres have contributed to over a billion exposed records; Ireland’s health service, the Health Service Executive, has become one of many.
The rapid digitisation of patient records means it’s been very difficult to implement consistent data security policies and training schemes to educate staff on keeping data safe. As healthcare organisations make patient data more accessible to individuals and new systems, they must make information security their top priority.
Strategic investments in cybersecurity will make a significant impact on protecting healthcare businesses against cyber security risks, which will potentially save billions in the long run. To prevent future ransomware attacks and safeguard highly sensitive information, organisations must have full visibility and control over their data. This can be accomplished by leveraging multi-faceted solutions that defend against malware on any endpoint, enforce real-time access control, detect misconfigurations, encrypt sensitive data at rest, and prevent data leakage. What’s more, healthcare organisations need to ensure adequate employee training to protect from ransomware. Employees must be able to identify phishing attempts and illegitimate emails, which is the primary vector for ransomware attacks.