Security Experts:

Connect with us

Hi, what are you looking for?


Risk Management

N.C. Dermatology Center Discovers Hacked Server Two Years After Attack

In another cowardly Friday afternoon data breach disclosure, Chapel Hill, N.C.-based Central Dermatology Center said that one of its servers was breached by hackers back in August of 2012, but that it has just become aware of the breach.

In another cowardly Friday afternoon data breach disclosure, Chapel Hill, N.C.-based Central Dermatology Center said that one of its servers was breached by hackers back in August of 2012, but that it has just become aware of the breach.

The company said that on September 25, 2014 it became aware that one of its servers had been compromised by malware, sparking them to immediately call in forensic experts to identify the malware and resulting fallout.

In addition to not discovering the breach until roughly two years later, the company acknowledged that they are not sure exactly what data the attackers may have gotten their hands on.

“The information on the server that may or may not have been accessed included patients’ name, address, phone numbers, date of birth, social security number, billing and diagnostic codes, insurance company, insurance co-payment information, healthcare provider, employer information, sex, treatment date, account balance, email address, and race,” the company said in a breach disclosure announcement Friday afternoon.

“The investigation revealed that the attack occurred on or about August 9, 2012 despite safeguards in place, including software on the server designed to prevent such malware,” the company said.

Contacted by SecurityWeek, a company spokesperson declined to comment on the type of malware discovered or the security software that was installed on the server.

The announcement continued:

Based on Central’s forensic investigation to date, it is believed that patient bank account and payment card information were not compromised and electronic medical records were not on this server as they were encrypted by Central prior to the malware being placed on the server.

Responding to a subsequent inquiry as to why the company decided to make the announcement on a Friday afternoon, an unamed company spokesperson provided the following response: “Being thorough is what was required and its what our patients expect and deserve. While the investigation is ongoing, today was the day we were able to provide our patients with valuable information.”

While this incident stemmed from a malicious attack, a study recently released by security firm Bitglass on healthcare data breaches showed that 68 percent of the breaches since 2010 occurred because devices or files were lost or stolen. Only 23 percent were due to hacking, the study found. In the breaches analyzed, 48 percent of the incidents involved a laptop, mobile device or desktop. 

According to Mandiant’s 2014 M-Trends report, Mandiant’s investigations found that breaches were discovered in 229 days on average in 2013 vs. 243 in 2012. While these improvements are a positive, it still means attackers are still spending 2/3rds of the year inside an organization’s network before being discovered.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem

Risk Management

In this virtual summit, SecurityWeek brings together expert defenders to share best practices around reducing attack surfaces in modern computing.

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...