Ransomware Attacks on Ramsey County and Crisp Regional Health Services and Update on Vaccine Scheduling Application

The County Manager’s Office of Ramsey County, MN sent notifications to 8,700 clients of its Family Health Division about unauthorized persons that potentially accessed some of their personal information because of a ransomware attack on Netgain Technology LLC, one of its vendors.

Netgain Technology LLC located in St. Cloud is Ramsey County’s provider of technology solutions such as an application that the Family Health Division uses for documenting home sessions. Threat actors possibly viewed and downloaded data within the application prior to ransomware deployment. The information in the application included names, birth dates, addresses, dates of service, telephone numbers, account numbers, medical information, medical insurance details, and, the Social Security numbers of selected individuals.

It would seem that the motive behind the ransomware attack was to extort money from Netgain. There was no intention of getting access to personal information; nonetheless, the possibility of unauthorized access or data theft cannot be ruled out.

Ramsey County was advised regarding the ransomware attack on December 2, 2020 and immediately stopped using the services and program of Netgain and followed backup processes. The company had reported the ransomware attack to the respective authorities and implemented measures to fortify security to prevent other attacks.

Ransomware Attack at Crisp Regional Health Services

A January 27, 2020 ransomware attack on Crisp Regional Health Services in Cordele, GA led to the taking down of selected systems by the provider. The ransomware attack affected the hospital’s telephone system. Workers were forced to use radios to facilitate internal communications. Patients and their family members had to use social media to get in touch with each other during the time that the telephone system was unavailable.

Crisp Regional Health Services quickly took steps to secure the information and regulate the attack. Third-party cybersecurity professionals helped investigate the attack and find out the extent of the breach, as well as the likelihood that the attackers accessed or exfiltrated patient data.

Crisp Regional Health Services’ community relations and foundation Director Brooke Marshall mentioned that the attack did not jeopardize workflow, nor compromised patient care.

The investigation is still ongoing and more information will be announced when it is available.

Vaccine Scheduling Application Vulnerability Allowed People to Skip Queue and Get Vaccination Appointments

Michigan-based Beaumont Health experienced a breach last January 30/31 that affected its Epic COVID-19 vaccine scheduling system. An unauthorized person who exploited a vulnerability in the system publicly made known an unauthorized method of making a reservation. 2,700 people were able to book COVID-19 vaccination appointments using this unauthorized method.

Beaumont Health advised Epic concerning the breach on January 31, 2020 and together they dealt with the issue. The vaccination schedules of the 2,700 persons who made unauthorized reservations were canceled. People who fulfilled the eligibility requirements and made legit COVID-19 vaccination appointments were not affected.

Epic further made an announcement that the breach had not allowed any unauthorized person to access patient medical records.