Three more DCH patients have filed a federal class-action lawsuit against the healthcare system, saying the ransomware attack that crippled operations in October compromised their personal information.
One of the plaintiffs said someone used her personal information to open a credit card account in November. Another said someone made unauthorized charges to his credit card. The third filed the suit because her personal and financial information was exposed.
The same Birmingham law firm filed a lawsuit last month on behalf of four clients who said their medical care was adversely affected by the ransomware attack. A man said he discovered an unauthorized $1,700 charge when there wasn’t enough in his account to cover an automated draft phone bill.
In December, four women from across West Alabama claimed the 10-day breach caused their lives to be “severely disrupted” increased their risk of becoming victims of identity theft and fraud.
DCH announced Oct. 1 that the computer systems that maintain the files of around 32,000 patients at its three hospitals had been breached. Days later, system officials announced they had paid the ransom, but never divulged the amount. Normal operations were resumed 10 days after the hospitals stopped accepting all but the most critical patients.
DCH officials did not answer questions about how much the system paid the hackers or how long they believe the ransomware had compromised the system. They didn’t address questions about what steps could have been taken to prevent -- and later detect and eliminate – access and didn’t say whether full system backups existed to aid in data recovery.
“Had DCH maintained its property, it would have discovered the intrusion sooner,” attorneys for the plaintiffs wrote in the December lawsuit.
Hackers target large enterprises by using spam emails to deliver the Emotet trojan that then distributes the TrickBot malware. Once a machine is infected with the TrickBot malware, it begins to steal sensitive information and the criminal group tries to determine if the company is an industry target. If so, they deliver the Ryuk ransomware.
Spam emails deliver the Emotet Trojan through an email attachment or embedded link that, when opened, distributes malware called TrickBot.
The TrickBot malware spreads through an organization’s systems, harvesting personal data from users like passwords, mail and other sensitive files. Eventually, it’s used to download the Ryuk ransomware that hackers use to disable the systems and make up to multi-million demands for ransom.