Breach, Threat Management, Threat Management, Data Security

Adversary breaches Tennessee hospital’s medical records server to install cryptominer

Decatur County General Hospital in Parsons, Tenn., has publicly disclosed that an unauthorized party accessed the server for its electronic medical record system and secretly implanted cryptomining malware.

Although the announcement dates back to Jan. 26, 2018, the incident only began surfacing in various mainstream news reports as of Feb. 8.

The small-town hospital (Parsons' population sits around 2,300) says it first became aware its systems were compromised on Nov. 27 of last year, when the third-party vendor operating its EMR system sent a security report detailing the intrusion, which took place no later than Sept. 22, 2017.

The hacker's motivation appears to have been limited using the server's processing power to mine cryptocurrency. However, because the hospital cannot guarantee that patient data wasn't compromised, it will provide affected individuals with a year of online credit monitoring. Patient data on the system included names, addresses, dates of birth, Social Security numbers, clinical information such as diagnosis and treatment information, and insurance billing details. Healthcare IT News has reported that roughly 24,000 patient records were potentially accessible via the breached server.

"Over the past several months, there have been numerous news stories about computer systems around the country being affected by similar incidents involving the unauthorized installation of this type of software," the disclosure notice reads. "Again, while our investigation continues into this matter, we have no evidence that your information was actually acquired or viewed by an unauthorized individual, and based upon reports of similar incidents, we do not believe that your health information was targeted by any unauthorized individual installing the software on the server."

"Our investigation to date, however, has been unable to reasonably verify that there was not unauthorized access of your information," the disclosure cautions.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.