The Brooklyn Hospital Center hit by hackers

November 05, 2019
by Thomas Dworetzky, Contributing Reporter
The Brooklyn Hospital Center in New York has been struck by hackers.

“We have no evidence of actual or attempted exfiltration of patient information related to this incident,” the hospital said in a statement, adding that some data had been rendered unrecoverable.

The incident took place in July, when the hospital noticed “unusual activity” on some of its servers, at which point it began its investigation, including the hiring of outside investigators.

“We determined that a malware that encrypted certain systems had disrupted the operation of certain hospital systems; however, the investigation found no evidence that data was actually accessed or acquired by an unauthorized person(s)” it stated.

The malware corrupted some patient data, including some patient names and certain cardiac or dental images.

Those affected patients will get a letter notifying them, and the hospital also posted information on steps that can be taken online at its website.

This incident is just the latest as hackers continue to target healthcare facilities due to the high value of the data they have stored on their systems.

In October, after getting slammed with a ransomware attack, three DCH system hospitals in Alabama — in Tuscaloosa, Northport and Fayette — reportedly paid the hackers responsible for a crippling ransomware attack.

In the first nine months of 2019, at least 621 various government and private groups — of which 491 were healthcare providers — have been hit by ransomware, according to a report by the cybersecurity firm Emsisoft.

The scope of the attacks can be daunting. A larger, international ransomware attack could cost the U.S. economy almost $89 billion, according to a report by the Cyber Risk Management (cyRiM) project, an initiative for assessing cybersecurity risks, of which specialist insurance and reinsurance market, Lloyd’s, is a founder.

The report also advised that the total global price tag of such an attack could hit $193 billion.

“Overall, healthcare facilities have likely become susceptible to ransomware and other cybersecurity threats due to the lack of historical focus on cybersecurity as a key priority,” Juuso Leinonen, senior project engineer at ECRI Institute, told HCB News at the time, adding that, “the rapid trend in connecting medical devices and overall increase in connected data systems integral to patient care have likely exacerbated the problem.”