CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Risk Management

N.C. Dermatology Center Discovers Hacked Server Two Years After Attack

In another cowardly Friday afternoon data breach disclosure, Chapel Hill, N.C.-based Central Dermatology Center said that one of its servers was breached by hackers back in August of 2012, but that it has just become aware of the breach.

In another cowardly Friday afternoon data breach disclosure, Chapel Hill, N.C.-based Central Dermatology Center said that one of its servers was breached by hackers back in August of 2012, but that it has just become aware of the breach.

The company said that on September 25, 2014 it became aware that one of its servers had been compromised by malware, sparking them to immediately call in forensic experts to identify the malware and resulting fallout.

In addition to not discovering the breach until roughly two years later, the company acknowledged that they are not sure exactly what data the attackers may have gotten their hands on.

“The information on the server that may or may not have been accessed included patients’ name, address, phone numbers, date of birth, social security number, billing and diagnostic codes, insurance company, insurance co-payment information, healthcare provider, employer information, sex, treatment date, account balance, email address, and race,” the company said in a breach disclosure announcement Friday afternoon.

“The investigation revealed that the attack occurred on or about August 9, 2012 despite safeguards in place, including software on the server designed to prevent such malware,” the company said.

Contacted by SecurityWeek, a company spokesperson declined to comment on the type of malware discovered or the security software that was installed on the server.

The announcement continued:

Based on Central’s forensic investigation to date, it is believed that patient bank account and payment card information were not compromised and electronic medical records were not on this server as they were encrypted by Central prior to the malware being placed on the server.

Responding to a subsequent inquiry as to why the company decided to make the announcement on a Friday afternoon, an unamed company spokesperson provided the following response: “Being thorough is what was required and its what our patients expect and deserve. While the investigation is ongoing, today was the day we were able to provide our patients with valuable information.”

While this incident stemmed from a malicious attack, a study recently released by security firm Bitglass on healthcare data breaches showed that 68 percent of the breaches since 2010 occurred because devices or files were lost or stolen. Only 23 percent were due to hacking, the study found. In the breaches analyzed, 48 percent of the incidents involved a laptop, mobile device or desktop. 

Advertisement. Scroll to continue reading.

According to Mandiant’s 2014 M-Trends report, Mandiant’s investigations found that breaches were discovered in 229 days on average in 2013 vs. 243 in 2012. While these improvements are a positive, it still means attackers are still spending 2/3rds of the year inside an organization’s network before being discovered.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.