This Week in Breach: Columbia Surgical Specialists

Columbia Surgical specialists: Surgical facility in Spokane, Washington. 

Risk to Small Business: Severe: Columbia Surgical Specialists decided to pay almost $15,000 in ransom to unlock files that were encrypted by hackers. After originally discovering the incident on January 9th, the firm hired an outside security firm to mitigate the aftereffects of the attack. Initially it was believed that 400,000 patients could have been affected, but the number has since then been reduced. Columbia Surgical Specialists explained that their delay in reporting was due to the time needed to analyze information surrounding the breach, and they do not believe that the attackers were able to access patient data.

Individual Risk: Severe:  Names, drivers’ license numbers, SSNs, and protected health information was impacted in the ransomware attack. However, the outside security firm believes that it is unlikely that the data was exposed in the incident.

Customers Impacted:  To be determined

How it Could Affect Your Customers’ Business: Ransomware is a sticky subject for businesses and can resemble a virtual hostage situation. In the event of an attack, security experts recommend not paying ransoms to hackers, since it incentivizes future exploits and can result in greater demands. To prevent such exploits from occurring in the first place, organizations must partner up with managed security providers.

Read more


In Other News: Why human behavior is at the heart of cybersecurity risk

As the delineation between personal and business continues to blur with trends like bring your own device (BYOD), IOT and work from home, cybersecurity risk increases exponentially. Pair this with the societal lack of cybersecurity knowledge and it creates the perfect storm for hackers to exploit. Cybercriminals follow the path of least resistance, and many times this takes the form of exploiting human vulnerabilities.

Most security and compliance tools on the market are focused on safeguarding endpoints and patching vulnerabilities, but what about the risks that are amplified by human behavior? To stop the cyberattacks of the future, businesses must task themselves with developing a people-centric strategy for cybersecurity.

Read more

Previous
Previous

Moving Enterprise Resource Planning Applications to the Cloud

Next
Next

Scam of the Week: The Bad Guys Are Spreading Malware Through Popular Messaging Apps