Russian hackers allegedly breached Methodist McKinney Hospital and two of the company’s surgical centers’ computer systems earlier this summer, exposing patients’ social security numbers, medical history, and more, hospital officials said Tuesday.
An “unauthorized actor” accessed computer systems that held data for Methodist McKinney Hospital, Methodist Allen Surgical Center, and Methodist Craig Ranch Surgical Center, according to a notice posted on the hospital’s website.
The Karakurt gang, a group of Russian hackers, has reportedly boasted on the dark web about acquiring 367 gigabytes of data from the hospital and two surgical centers, according to CBS 11.
The alleged breach happened on July 5 when hospital staff “became aware of unusual activity on certain systems,” at which point the hospital “promptly took steps to better ensure the integrity of the systems” and then began investigating what happened, the notice stated.
The investigation revealed that the hacked data was from May 20 to July 7, and files were copied during the hacking.
The hackers gained access to files that contained patient names, addresses, Social Security numbers, dates of birth, medical history information, medical diagnosis information, treatment information, medical record numbers, and health insurance information, according to the notice.
Cyber security experts said this should never have happened if the proper protections were in place.
“That’s a serious privacy security risk for the patients, so this is a pretty large breach,” cyber security expert Andrew Sternke told CBS 11.
He said the hackers could use the stolen information to harm patients in multiple ways.
“To mess with your finances, to potentially blackmailing individuals regarding very private healthcare information … there’s a lot of potential,” he said.
It is unknown how many people’s data was affected. The hospital is notifying people whose information was accessed as it is learned.
The medical facilities said they reported the cyberattack to federal law enforcement. The hospital is also “reviewing and enhancing existing policies and procedures” for preventing cyberattacks.
The hospital did not confirm how the hackers gained access to the data, but experts say it is likely the result of human error.
“It’s the human element that often get[s] social engineered by one of these hackers to give up information, which will then eventually be used for unauthorized access to the system,” Sternke said.
The hospital advised anyone whose information may have been accessed to monitor their credit accounts for fraud.
30+ years in IT, mostly as a mainframe Systems Software Engineer, tells me that the fault lies with those who install and maintain the hacked system.
“The alleged breach happened on July 5 when hospital staff “became aware of unusual activity on certain systems,” at which point the hospital “promptly took steps to better ensure the integrity of the systems” and then began investigating what happened, the notice stated.” In other words, they locked the barn door after the horse was stolen.