Exploit: Ransomware
Summit Medical Associates: Healthcare Provider
Risk to Small Business: 1.979 = Severe
A data breach has come to light at Summit Health after the Tennessee-based practice group reported that it had experienced an “inability to access certain records” in early June. A tired arty investigator determined that not only was it a ransomware incident, but the cybercriminals had also been able to access to their systems for nearly six months before the breach.
Individual Risk: 2.799 = Moderate
There has been no reported no evidence that patient information was compromised, the affected server did contain patient PII including names, medical information, and Social Security numbers.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Cybercriminals had access to this server for six months before anyone noticed. Security awareness, data handling, credential monitoring, and phishing resistance training keep eyes on the ball for cybersecurity, lowering the chance that something like this happens (or persists).