Kootenai Health cyber attack impacts 464,000 patients
- 15 August 2024
- Data from around 464,000 patients has been compromised in a cyber attack on US healthcare provider Kootenai Health
- The data breach includes patient names, dates of birth, government IDs and medical records
- The incident in February 2024 follows a string of cyber attacks on healthcare providers worldwide
US healthcare provider Kootenai Health has revealed that data belonging to 464,000 patients has been compromised following a cyber attack.
The non-profit health system, based in Coeur d’Alene, Idaho, said it was alerted to a potential data breach in March 2024 after noticing “unusual activity that disrupted access to certain IT systems”.
Following an investigation, Kootenai Health discovered that malicious actors had breached its systems on 22 February 2024, compromising data including “individuals’ names along with dates of birth, social security numbers, driver’s license or government-issued identification numbers, medical record numbers, medical treatment and condition information, medical diagnoses, medication information, and health insurance information”.
Ransomware group ThreeAM has since claimed responsibility for the attack, according to Data Breaches.net.
The hospital began alerting patients impacted by the data breach on 12 August 2024, following a review of the data and the individuals that were compromised.
“As soon as it discovered the incident, Kootenai Health took the steps referenced above. Kootenai Health also notified the Federal Bureau of Investigation and will provide whatever cooperation is necessary to hold the responsible parties accountable, if possible,” the hospital said in a statement, published on 12 August 2024.
It added: “Kootenai Health takes the security and privacy of personal information in its possession very seriously and is taking additional steps to prevent a similar event from occurring in the future”.
Akhil Mittal, senior manager at cybersecurity company Synopsys Software Integrity Group, said the data breach at Kootenai Health data breach “shows how serious cyber threats in healthcare have become”.
“We have seen several similar breaches in recent times, showing a growing trend.
“Healthcare providers are custodians of our most sensitive information and should regularly check their security measures and have a solid plan for responding to incidents,” Mittal added.
The incident follows a string of incidents in which hospitals and healthcare organisations have been targeted by malicious actors seeking to hold sensitive patient data to ransom.
In May 2024, US non-profit health system Ascension disclosed that its electronic health records system had been targeted in a ransomware attack, impacting operations across many of the 140 hospitals in which it operates. Ascension announced that all of its systems had been restored in June 2024
Pathology system provider Synnovis is still getting its core IT systems back online following a ransomware attack in June, which prompted the postponement of thousands of elective procedures and outpatient appointments at King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust.
Meanwhile, the Information Commissioner’s Office has imposed a £6.09 million fine on software provider Advanced following an initial finding that it failed to implement measures to protect the personal information of almost 83,000 people, during a cyber incident in August 2022.
The King’s Speech on 17 July 2024, outlined prime minister Keir Starmer’s plans to introduce a new Cyber Security and Resilience Bill, which will expand regulation to cover more digital services and supply chains.
