My TechDecisions

Facility, IT Infrastructure, Network Security

Hacker Used Malware to Delete 69,000 Patient Files at San Juan Regional

The hacker deleted files that included Social Security numbers, driver’s license numbers, and financial account numbers, among other data.

Leave a Comment

Malware Symantec Daxin
James Thew/Adobe Stock

Medical records for nearly 69,000 patients at a New Mexico hospital were deleted when an unauthorized individual accessed its network last year.

According to a statement released last week by the San Juan Regional Medical Center (SJRMC), the hacker used malware to remove patient information from its network on Sept. 7-8, 2020. The attack was reported to the U.S. Department of Health and Human Services’ Office for Civil Rights on June 4.

After conducting a thorough manual document review of the files that were removed, the hospital said it discovered on July 13 that the impacted files contained patient health information. Some of the deleted filed included patient names, Social Security numbers, birthdates, driver’s license numbers, financial account numbers and medical record details. The affected files and data were not encrypted or held hostage for extortion.

Listen: My TechDecisions Podcast Episode 137: Fileless Malware On The Rise

The hospital took its affected IT systems offline when the attack was discovered and secured the network before bringing the systems back online, according to the notice.

While the hospital said it does not believe any of the stolen information has been misused, it is offering free credit monitoring services for patients whose Social Security numbers were removed.

“Cybersecurity threats continue to evolve and as a result, SJRMC has taken additional steps to secure its network and improve internal procedures to identify and remediate future threats,” the notice reads. “SJRMC continues to assess and update its internal policies and procedures in order to minimize the risk of a similar incident in the future.”

According to SonicWall’s 2021 Cyber Threat Report, ransomware attacks skyrocketed in the first half of 2021, surpassing the entire volume for 2020. In the first six months of 2021, healthcare experienced a 594% increase in ransomware.

The report also found that new malware variants are being discovered, and IoT devices remain vulnerable to compromise.

Additionally, a new trend among cybercriminals is to threaten to delete victims’ data if they call in a professional mediator to help lower prices for decrypter tools.

This article was originally posted on CI sister site Campus Safety Magazine.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ