A Maryland long-term care operator became the latest victim of a ransomware incident. In June, Lorien Health Services, which offers assisted living, skilled nursing and rehabilitation at nine locations, reported that data from 47,754 residents was stolen and encrypted by the ransomware strain NetWalker.
NetWalker, which has a history of attacking healthcare organizations, posted screenshots of the stolen information after Lorien refused to pay the ransom demand. An investigation revealed that personal information including residents’ names, Social Security numbers, dates of birth, addresses, and health diagnoses and treatment information had been accessed.
Once the incident was detected, the firm engaged a team of cybersecurity experts to assist with its response and to determine whether any personal information was, in fact, accessed during the incident. Lorien also notified the FBI and all potentially affected residents by letter in July, offering complimentary credit monitoring and identity protection services through ID Experts to anyone affected by the event.
According to the FBI, the best way to avoid being exposed to ransomware — or any type of malware — is to be a cautious and conscientious computer user when it comes to what you download and click on. The agency also recommends that businesses keep operating systems, software and applications current and up-to-date, and ensure antivirus and anti-malware solutions are set to automatically update and run regular scans.
Backing up data regularly and ensuring those backups are completed is also a key component in preventing a ransomware attack.