News Insights: Data Breach at KRH May Have Affected 129,000 Patients’ Personal Information – Flathead Beacon

It was reported yesterday that a Data Breach at KRH May Have Affected 129,000 Patients’ Personal Information

According to the story, “The hospital discovered in June that multiple employees had unknowingly provided their KRH email login credentials to “unauthorized malicious criminals by way of a phishing scam.” Lambrecht called the cyber attack “highly sophisticated,” and said upon learning of the scam the hospital immediately disabled the employees’ accounts, notified federal law enforcement and launched an investigation performed by Kroll, a nationally recognized digital forensics firm out of New York.”

News Insights:  

Colin Bastable, CEO of Lucy Security, commented:

 “The healthcare industry has earned its reputation for being the number one target for hackers the hard way. Tight budgets and generally poor cybersecurity hygiene among staff create a target-rich environment for phishing attacks. The risks are exacerbated by the highly fragmented nature of employment in hospitals, with extensive outsourcing across all departments leading to multiple third-party risks. We think of hospitals as single entities. In reality, they are facilities housing employees of many different healthcare businesses, making it impossible to maintain a common cybersecurity posture. Expect more such attacks.”