Ransomware attack at Blue Springs Family Care compromises patient health information.

On May 12, 2018, Missouri-based health care provider Blue Springs Family Care fell prey to a ransomware attack. The health care center's network was hacked by unknown attackers, during which ransomware and several malware programs were loaded into Blue Springs Family Care's systems. Health records of 44,979 patients including full names, home addresses, birth dates, social security numbers, bank account information, driver’s license numbers, medical diagnoses, and disability codes may have been stolen.

Blue Springs Family Care immediately sent out notices to its patients about the attack and requested they keep an eye on their bank transactions. Blue Springs Family Care also hired a third-party forensic services provider who installed security monitoring software to prevent unauthorized access into their network in the future. This third-party's security team quarantined the malware-infected systems to prevent the malware from spreading to the rest of the network.

Blue Springs Family Care has also armed itself with an entirely new electronic medical record system that encrypts data, which will ensure patient information remains protected even in the case of another breach. Luckily, the medical center was able to regain access to its systems with the help of backed-up data.

Ransomware attacks have targeted the health care industry for its storehouse of sensitive information. Apart from adopting proactive methods like investing in IT security monitoring tools, health care employees should be well-educated on security-specific best practices such as never opening suspicious emails or hyperlinks and reporting any suspicious activity to IT administrators. Learn about the eight best practices for combating ransomware.

Don't want to make the news for the wrong reasons? Download ManageEngine DataSecurity Plus, a tool that can detect, classify , and secure personal data , and mitigate ransomware attacks.

How can ManageEngine help?

DataSecurity Plus, ManageEngine's enterprise data security tool, provides instant alerts to stakeholders upon detecting anomalous activity such as mass access and modifications to files. It also immediately shuts down infected systems to prevent infections from spreading throughout the network. Get your free, 30-day trial.