Radiology and Oncology Clinic, Akumin, Suffers Ransomware Attack
Table of Contents
- By Steven
- Oct 24, 2023
Akumin is a radiology and oncology clinic based in Florida with multiple locations. Last week, three of their South Florida locations shut down their computer systems to hobble a ransomware cyberattack. The downtime significantly impacted the three clinics, as the doctors could not complete patient assessments. Recent patients in the area should consider protective monitoring services to help mitigate potential outcomes from the attack.
How Did the Attack Occur?
Not much is public about how the attack happened. Akumin’s notice lists the event as a “ransomware incident” where “suspicious activity” occurred in their technology network. Nothing else is currently known about the attack, so speculation is challenging. A ransomware incident could come from social engineering; it could come from a vulnerable third-party application; it could come from a successful phishing attack; it could even come from an infected USB or link accessed on the same network.
What Information Was Viewed or Stolen?
Whether the ransomware attack proved successful is unknown. Although attackers targeted other medical facilities recently, this event’s goals may differ from other instances. It is reasonable for patients in the area to be concerned about their personally identifiable information (PII) and medical records. A leaked Social Security Number may set a patient up for identity or credit fraud; medical records could allow a hacker to commit medical fraud or steal healthcare services without you knowing. If you suspect hackers may have exposed your information, it’s never too late to take protective action.
How Did Akumin Admit to the Breach?
On or around October 11th, Akumin noticed suspicious activity and shut down their systems in response to the attack. The shutdown immediately halted clinic activities but severed the connection to associated networks. An investigation began, and two days later, the clinic began to see a few particular patients. On October 20th, Akumin posted an update to their notice page, outlining the public events; they have not regained a secure cyber environment but will notify patients as soon as possible.
What Will Become of the Stolen Information?
We know nothing about the stolen data or how the hackers accessed it, but we know the thieves implemented ransomware. Subsequently, whatever details were attained by the threat actors will be used as leverage. Most likely, the actors will ransom the data to Akumin, and they will determine the following actions. Patients in the area may still have information at risk for exposure following the ransom outcome; they must take action to protect their information.
What Should Affected Parties Do in the Aftermath of the Breach?
Although the Akumin investigation has finished, staff cannot notify patients of the breach until their systems are secured. However, patients don’t have to wait for their notification in the mail to take defensive measures. Begin protecting yourself by hiring a financial monitoring service. They’ll notify you of any suspicious activity with your accounts. Then, consider investing in an identity monitoring service. They’ll put a stop to any fraud they find. Those at risk for medical fraud must consider record monitoring—it’s easier and faster than waiting for an Explanation of Benefits. Don’t wait for the notice in the mail to take preventative measures; it’s not a matter of if the hackers will misuse the information, but when.