A cyber attack that hit a contracted vendor of Spectrum Health, Wolverine Services Group, has impacted approximately 60,000 patients of Spectrum Health Lakeland. Wolverine’s systems were attacked by a ransomware attack. A ransomware attack occurs when hackers gain access to a system and encrypt a portion or all of the files and demand ransom payment in order to release instructions on how to decrypt the files.
The breach in this incident affected only the Lakeland portion of Spectrum Health, not their entire system. As is usual with breaches such as this, it occurred well before it was discovered: the breach occurred in September but wasn’t discovered until December. More can be read about this incident here.
In a more recent ransomware hack in Michigan, which occurred on April 1st at a doctor’s office in Battle Creek, the doctors of this office decided to retire early, after they refused to pay the ransom payment and the hackers erased all their files. The files were already encrypted by the office’s software system, so no personal information was gained. However, with patient files gone forever, much data that was already gained through tests and other means will never be recovered, as the article from WWMT states.
While these two cases show issues at businesses, and we as citizens only have so much control over business records, it is important for every person to keep secure their private information. We will continue to work to update this blog on ways users can prevent becoming the victim of cyber incidents (malware, phishing, etc.). If you have any questions or would like to discuss, we’re here to help.