Hacker Used Malware to Delete 69,000 Patient Files at San Juan Regional
The hacker deleted files that included Social Security numbers, driver’s license numbers, and financial account numbers, among other data.
FARMINGTON, N.M. — Medical records for nearly 69,000 patients at a New Mexico hospital were deleted when an unauthorized individual accessed its network last year.
According to a statement released last week by the San Juan Regional Medical Center (SJRMC), the hacker used malware to remove patient information from its network on Sept. 7-8, 2020. The attack was reported to the U.S. Department of Health and Human Services’ Office for Civil Rights on June 4.
After conducting a thorough manual document review of the files that were removed, the hospital said it discovered on July 13 that the impacted files contained patient health information. Some of the deleted filed included patient names, Social Security numbers, birthdates, driver’s license numbers, financial account numbers and medical record details. The affected files and data were not encrypted or held hostage for extortion.
The hospital took its affected IT systems offline when the attack was discovered and secured the network before bringing the systems back online, according to the notice.
While the hospital said it does not believe any of the stolen information has been misused, it is offering free credit monitoring services for patients whose Social Security numbers were removed.
“Cybersecurity threats continue to evolve and as a result, SJRMC has taken additional steps to secure its network and improve internal procedures to identify and remediate future threats,” the notice reads. “SJRMC continues to assess and update its internal policies and procedures in order to minimize the risk of a similar incident in the future.”
According to SonicWall’s 2021 Cyber Threat Report, ransomware attacks skyrocketed in the first half of 2021, surpassing the entire volume for 2020. In the first six months of 2021, healthcare experienced a 594% increase in ransomware.
The report also found that new malware variants are being discovered, and IoT devices remain vulnerable to compromise.
Additionally, a new trend among cybercriminals is to threaten to delete victims’ data if they call in a professional mediator to help lower prices for decrypter tools.