CO: Allergy clinic finds signs of ransomware, notifies patients
Jennie Trejo reports:
Allergy, Asthma & Immunology of the Rockies, P.C. (AAIR), a full-service allergy clinic, found evidence of ransomware on its computer systems on May 16.
Kari Hershey, an attorney for AAIR, said the disturbance was first noticed when they had trouble accessing a few of the documents.
“They weren’t able to track exactly what the hackers did, but what they did find was a draft of the ransom letter on the system,” Hershey said. “The way it was explained to me is that it essentially looked like the hackers were still testing out the ransomware.”
Because the ransomware was still in its early stages, there is no evidence that any of the information on the system has been copied or used in any way, although it did pass through a password protected firewall. Hershey said they would expect to know if sensitive information was harvested by this point in the investigation.
“Having said that, there was a breach of the system. Just out of an abundance of caution, we do want people to sign up for an identity theft protection program. That way if they do have a problem they can get help.”
Read more on the Post Independent.
The incident was reported to HHS as affecting 6,851 patients.
Anonymous - July 6, 2016
it may have been this one:
Free decrypter available for download for MIRCOP ransomware.
A security researcher created a decrypter tool that can recover
files locked by the MIRCOP ransomware without paying the ransomware fee after an
independent researcher and security researchers from Trend Micro revealed the
presence of the new ransomware family at the end of June.