|
Post by Ginger on Mar 5, 2024 23:17:58 GMT -6
This health insurance company got hacked and paid a 22 million dollar bitcoin ransom. Hospitals and health systems have been getting hacked for several years now and the last few years having to pay ransoms. Second week of February the teleradiology group that reads exams for us, got hacked. The radiologist that started the business was in their system and noticed some odd behavior and immediately called their IT department and they essentially unplugged everything in ten minutes. They never got a ransom demand and they are still undergoing forensics to identify what was happened. At the time we got an update they only knew that data had been deleted. By the end of the week they had contracted with a different PACS vendor and started getting all of their customers back online again. The HL7 interfaces for orders and results are still down. I have been copy/pasting reports for a couple of weeks now and I am tired of it. www.wired.com/story/alphv-change-healthcare-ransomware-payment
|
|
Other
Sports Moderator
Interim Master of the Universe
Posts: 5,185
Tits or GTFO: GTFO
|
Post by Other on Mar 6, 2024 11:00:22 GMT -6
This health insurance company got hacked and paid a 22 million dollar bitcoin ransom. Hospitals and health systems have been getting hacked for several years now and the last few years having to pay ransoms. Second week of February the teleradiology group that reads exams for us, got hacked. The radiologist that started the business was in their system and noticed some odd behavior and immediately called their IT department and they essentially unplugged everything in ten minutes. They never got a ransom demand and they are still undergoing forensics to identify what was happened. At the time we got an update they only knew that data had been deleted. By the end of the week they had contracted with a different PACS vendor and started getting all of their customers back online again. The HL7 interfaces for orders and results are still down. I have been copy/pasting reports for a couple of weeks now and I am tired of it. www.wired.com/story/alphv-change-healthcare-ransomware-paymentWhat are the consequences if they don’t pay? They seem to be incentivizing the hackers to do this more and more.
|
|
|
Post by Ginger on Mar 6, 2024 15:39:22 GMT -6
This health insurance company got hacked and paid a 22 million dollar bitcoin ransom. Hospitals and health systems have been getting hacked for several years now and the last few years having to pay ransoms. Second week of February the teleradiology group that reads exams for us, got hacked. The radiologist that started the business was in their system and noticed some odd behavior and immediately called their IT department and they essentially unplugged everything in ten minutes. They never got a ransom demand and they are still undergoing forensics to identify what was happened. At the time we got an update they only knew that data had been deleted. By the end of the week they had contracted with a different PACS vendor and started getting all of their customers back online again. The HL7 interfaces for orders and results are still down. I have been copy/pasting reports for a couple of weeks now and I am tired of it. www.wired.com/story/alphv-change-healthcare-ransomware-paymentWhat are the consequences if they don’t pay? They seem to be incentivizing the hackers to do this more and more. I think it varies. Usually they don’t allow them access to their systems and data. Think what a cluster fuck that is for a hospital system with electronic records. They are majority fucked. Unless they had some untouched disaster recovery servers somewhere. With this particular hack I don’t know if it’s this article or another that mentioned two groups working together but it looks like one group took the money and ran and the other group still has the data.
|
|
|
Post by Presidential Immunity Cock on Mar 6, 2024 23:27:07 GMT -6
This health insurance company got hacked and paid a 22 million dollar bitcoin ransom. Hospitals and health systems have been getting hacked for several years now and the last few years having to pay ransoms. Second week of February the teleradiology group that reads exams for us, got hacked. The radiologist that started the business was in their system and noticed some odd behavior and immediately called their IT department and they essentially unplugged everything in ten minutes. They never got a ransom demand and they are still undergoing forensics to identify what was happened. At the time we got an update they only knew that data had been deleted. By the end of the week they had contracted with a different PACS vendor and started getting all of their customers back online again. The HL7 interfaces for orders and results are still down. I have been copy/pasting reports for a couple of weeks now and I am tired of it. www.wired.com/story/alphv-change-healthcare-ransomware-paymentWhat are the consequences if they don’t pay? They seem to be incentivizing the hackers to do this more and more. Basically, their files will stay encrypted and they won't be able to do shit with it unless they have solid off site backups that are tested and verified. I make sure that all our systems are backed up, and stored off-site and that is done daily. If we got hacked I could revert back everything in hours. We also make it much harder for hackers to access our systems as well, but nothing will 100% work with that. If a company pays they are gambling on whether they will actually decrypt them or hand over the key to do it. Or they take the money and run. Key point is to back up shit regularly and test them that they work. If my data center got hit by a tornado I could have our entire on site spun up in the cloud within a few hours or less. It would cost a shit ton, but it would be up.
|
|
|
Post by Ginger on Mar 7, 2024 12:38:18 GMT -6
What are the consequences if they don’t pay? They seem to be incentivizing the hackers to do this more and more. Basically, their files will stay encrypted and they won't be able to do shit with it unless they have solid off site backups that are tested and verified. I make sure that all our systems are backed up, and stored off-site and that is done daily. If we got hacked I could revert back everything in hours. We also make it much harder for hackers to access our systems as well, but nothing will 100% work with that. If a company pays they are gambling on whether they will actually decrypt them or hand over the key to do it. Or they take the money and run. Key point is to back up shit regularly and test them that they work. If my data center got hit by a tornado I could have our entire on site spun up in the cloud within a few hours or less. It would cost a shit ton, but it would be up. We have a disaster recovery server for our images that’s backed up in realtime as well. Different location than our other servers. I don’t know how often that is tested. My former partner used to do that but this jack wagon we have now probably isn’t even aware. I don’t think our teleradiology group had that. Hell they didn’t even make people change passwords logging into their system. Until last week I had the same password since 2005. After the incident we told them we had to have different passwords.
|
|
|
Post by A boy named Sioux on Mar 7, 2024 13:09:00 GMT -6
When I was with Dupont, one of our plant thought they had real time back up, so when they got hacked they told the hackers to get bent. Turns out they didn't have dick for back up and it cost them biggly.
|
|
|
Post by Presidential Immunity Cock on Mar 7, 2024 14:00:17 GMT -6
Basically, their files will stay encrypted and they won't be able to do shit with it unless they have solid off site backups that are tested and verified. I make sure that all our systems are backed up, and stored off-site and that is done daily. If we got hacked I could revert back everything in hours. We also make it much harder for hackers to access our systems as well, but nothing will 100% work with that. If a company pays they are gambling on whether they will actually decrypt them or hand over the key to do it. Or they take the money and run. Key point is to back up shit regularly and test them that they work. If my data center got hit by a tornado I could have our entire on site spun up in the cloud within a few hours or less. It would cost a shit ton, but it would be up. We have a disaster recovery server for our images that’s backed up in realtime as well. Different location than our other servers. I don’t know how often that is tested. My former partner used to do that but this jack wagon we have now probably isn’t even aware. I don’t think our teleradiology group had that. Hell they didn’t even make people change passwords logging into their system. Until last week I had the same password since 2005. After the incident we told them we had to have different passwords. Backups are great. Knowing that your backups work is way better. We randomly test our backups monthly to know that all is good and we haven't had a single failure in the past 2 years since I took over that service. If you don't test, you won't know until it's too late and you have garbage saved.
|
|
|
Post by Ginger on Mar 7, 2024 14:19:44 GMT -6
We have a disaster recovery server for our images that’s backed up in realtime as well. Different location than our other servers. I don’t know how often that is tested. My former partner used to do that but this jack wagon we have now probably isn’t even aware. I don’t think our teleradiology group had that. Hell they didn’t even make people change passwords logging into their system. Until last week I had the same password since 2005. After the incident we told them we had to have different passwords. Backups are great. Knowing that your backups work is way better. We randomly test our backups monthly to know that all is good and we haven't had a single failure in the past 2 years since I took over that service. If you don't test, you won't know until it's too late and you have garbage saved. Maybe we can hire you as a consultant
|
|
|
Post by Presidential Immunity Cock on Mar 7, 2024 15:37:44 GMT -6
Backups are great. Knowing that your backups work is way better. We randomly test our backups monthly to know that all is good and we haven't had a single failure in the past 2 years since I took over that service. If you don't test, you won't know until it's too late and you have garbage saved. Maybe we can hire you as a consultant Knowing you are with a health care system; you can't afford me. However, I can point you in a direction of a good backup provider that we use to manage the day-to-day stuff with backups. They handle our on-prem backups as well as our M365 backups. I basically just verify that all is good and let them handle all the tedious boring work.
|
|
|
Post by Stan's Field on Mar 8, 2024 8:09:12 GMT -6
Don't let him fool you, he's willing to consult and test out the back doors of all your male execs.
|
|
|
Post by TaterWanger on Mar 9, 2024 8:09:09 GMT -6
|
|
|
Post by Ginger on Mar 9, 2024 10:57:16 GMT -6
|
|
|
Post by LansingHawk on Mar 9, 2024 11:29:33 GMT -6
While I realize this could be really bad, I'm glad I don't use a Microsft operating system.
|
|
|
Post by Ginger on Mar 9, 2024 12:02:04 GMT -6
While I realize this could be really bad, I'm glad I don't use a Microsft operating system. But a majority of business do. So that’s the danger.
|
|
|
Post by socal on Mar 9, 2024 12:49:00 GMT -6
While I realize this could be really bad, I'm glad I don't use a Microsft operating system. But a majority of business do. So that’s the danger. Fuck Bill Gates. Would be a fitting full circle to have his IP stolen from him. Now he only needs to die mysteriously after being humiliated. www.pbs.org/wgbh/theymadeamerica/whomade/kildall_lo.html
|
|
|
Post by LansingHawk on Mar 9, 2024 13:27:30 GMT -6
While I realize this could be really bad, I'm glad I don't use a Microsft operating system. But a majority of business do. So that’s the danger. Yes, that is why I said it could be really bad.
|
|
|
Post by Ginger on Mar 9, 2024 14:19:50 GMT -6
But a majority of business do. So that’s the danger. Yes, that is why I said it could be really bad. My apologies for not seeing your disclaimer.
|
|
|
Post by LansingHawk on Mar 9, 2024 18:34:30 GMT -6
Yes, that is why I said it could be really bad. My apologies for not seeing your disclaimer. It's quite alright.
|
|
|
Post by NOTTHOR on Mar 11, 2024 9:32:08 GMT -6
This health insurance company got hacked and paid a 22 million dollar bitcoin ransom. Hospitals and health systems have been getting hacked for several years now and the last few years having to pay ransoms. Second week of February the teleradiology group that reads exams for us, got hacked. The radiologist that started the business was in their system and noticed some odd behavior and immediately called their IT department and they essentially unplugged everything in ten minutes. They never got a ransom demand and they are still undergoing forensics to identify what was happened. At the time we got an update they only knew that data had been deleted. By the end of the week they had contracted with a different PACS vendor and started getting all of their customers back online again. The HL7 interfaces for orders and results are still down. I have been copy/pasting reports for a couple of weeks now and I am tired of it. www.wired.com/story/alphv-change-healthcare-ransomware-paymentWhat are the consequences if they don’t pay? They seem to be incentivizing the hackers to do this more and more. The consequences are you may never recover your data or turn your system back on. This is what happened to that pipeline from the Gulf up to the Northeast. They paid the ransom and got it back up but that thing could have legitimately fucked the entire country because there's no way to stand up a manual backup plan.
|
|
|
Post by TaterWanger on Mar 11, 2024 12:09:37 GMT -6
All this shit it propping uo the crypto bubble
|
|
|
Post by Ginger on Mar 11, 2024 22:01:17 GMT -6
Big if true
|
|