Dhrama ransomware attack on Texas child healthcare provider compromises thousands of patient data.

A children’s paediatric health centre has been hacked with a wealth of personal data exposed.

Unusually, the hackers created multiple unknown user IDs to access information and no ransom was actually demanded. That being said, healthcare data can be very valuable in itself, so locking an organisation out their own systems to then mine the data is still a crime that may pay dividends to attackers.

Breached data included:

• Patients’ full names
• Dates of birth
• Addresses
• Telephone numbers
• Medical records
• Laboratory results
• Social security number
• Insurance billing data
• Demographic data

Healthcare usually takes the spotlight in the hacking world as medical records and related information can be extremely valuable on the so-called “dark web”. Physicians often need access to updated and accurate medical records quickly so they can treat patients effectively. On the flip side, patients themselves may shudder at the thought of their medical conditions and treatments being made easily available where it could be vulnerable to attack.

It’s the continuing trade-off between readily accessible information which may also be more vulnerable for the very same reasons.

If private and sensitive medical data ever reaches the public, the fallout can cause a significant amount of distress for the victims.

Dhrama Virus used

The malware identified was a Dharma virus. Whilst this branch of malware isn’t usually used to steal information, it can’t be ruled out for definite.

It’s believed that a total of 55,447 patients have had information compromised in the attack on ABCD Children’s Paediatrics. Thankfully, the IT department managed to find the virus and remove it from the system. Reportedly, no information was lost; but it’s unclear if any of it was stolen.

Statement from the ABCD

In one statement, ABCD said they remain “concerned because it discovered user logs indicating that computer programs or persons may have been on the server for a limited period of time.”

The FBI and Department of Health and Human Services in the U.S. has been notified of the incident. These authorities are to be conducting thorough investigations as to how the virus was released and what the damage is.

Victims notified

The health centre has notified patients so they can be on high alert for suspicious activity. ABCD’s own security has reportedly been patched up and modified to prevent a repeat of the incident.

Whilst patients and data owners have been warned and provided with a year’s worth of free credit monitoring, they will still need to remain vigilante to protect themselves against further damage.