Breach event at ARcare showcases greater need for cybersecurity
Cyber incidents impact a multitude of industries, and healthcare is no exception. A common target for threat actors, hospital and medical networks are prime digital real estate for hackers to break into. Hosting valuable patient data, stolen information is leveraged into future threat campaigns and ransomware attacks.
Though, despite how frequent and dangerous malicious attacks are within the healthcare industry, proactive defense is not always common. For example, a recent cyber breach not only demonstrates its lapses in defense, but why good strategies are still critical alongside agile, informed decision making.
ARcare is the latest victim in a long line of healthcare cyberbreaches where roughly 345,000 patients were affected. ARcare is a multi-state healthcare provider servicing Mississippi, Kentucky, and Arkansas. In February 2022, they experienced a cybersecurity breach event, where malicious third parties gained access to their network and database. The problem here is twofold: the size of the breach and people impacted. ARcare discovered malicious parties had access to their network for at least five weeks while the investigation was ongoing.
ARcare alerted its patient and client base by informing them a “disruption of services” occurred in February 2022. Because of its wide user base, those potentially affeted included pharmacies, medical clinics, community facilities, and school clinics.
What data was exposed?
Medical data in particular is especially sensitive. It can contain more details about an individual than you’d typically find in a website breach. In those breach instances, sometimes info like email and login data are lost. But when cybersecurity events impact healthcare networks, anything ranging from home addresses, social security numbers, identification numbers, licenses, medical insurance info, and account info are just a handful of data points at risk.
How hackers and threat actors use this information varies. Sometimes it’s part of threat campaigns to install malware, and in other instances its used to create phishing emails or social engineering schemes. Regardless, it’s very dangerous and stressful for the patients involved. Additionally, healthcare networks and institutions can potentially face regulatory penalties for not protecting their patient data properly.
ARcare declared the above details were leaked (social security, accounts, etc) but were not aware of any malicious use of said data. That does not mean, however, malicious parties won’t use the info. How it will impact the patients in the future is not clear, though in cases where info is stolen, one potential outcome is the data is collected and sold on darkweb forums for threat campaign purposes.
They discovered the breach in totality on April 4th regarding all personal data, notifying potentially affected users by April 25th.
The need for defense solutions
The ARcare incident is not a rarity, it’s a common happenstance. Industries across the United States are impacted by breach events, and medical networks are particularly vulnerable. The breach of ARcare’s networks highlights not only a need for improved cybersecurity infrastructure, but solutions too.
But often an enterprise lacks the internal resources to maintain its own branch of cybersecurity. Given few options, what do they do? Reaching out to third parties is often the best option when choices are limited.
An MSP solution can, then, address the numerous issues facing an organization, including threat events like with ARcare. Third-party IT solutions provide:
- Training and virtualized services
- Cybersecurity infrastructure and backups
- Hardware installation and setup where available
- Monitoring and 24/7 support
If you’re concerned about facing a breach event like ARcares, you can get help.