Case Study: The Devastating Impact of a Ransomware AttackPercy Syddall of A1Care Offers Lessons Learned
One of the earliest ransomware victims in the healthcare sector has a strong message for organizations that believe they won't be targeted: Get prepared for an attack - otherwise you risk a devastating impact.
When home healthcare firm A1Care, based in San Jose, California, was attacked more than a decade ago, the impact left a lasting impression. The company's president, Percy Syddall, hopes his experience provides important lessons to others.
A1Care was a 4-year-old company that had recently moved all its client information into a web-based database when it was attacked by hackers in June 2006, he says in an interview with Information Security Media Group.
"We came into the office, turned on the computer and we couldn't access our database," he says. The company recruited assistance from local computer engineers who fruitlessly tried to retrieve access to the database.
On the third day after the problem was discovered, A1Care received a phone call from the attackers demanding a $700,000 ransom - much larger than the ransoms demanded these days - to unlock and recover its data.
The biggest problem that A1Care faced was that it didn't have a backup copy of the database, nor an easy way to track down and re-create the sensitive, detailed information of its 113 home healthcare clients.
"It got to the point where I had to notify my clients. ... I had to tell them that their private information in regards to their Social Security numbers, driver's license numbers, credit card information [was potentially lost due to the attack] - that was really tough," he says.
To retrieve that critical client information, "we decided to pay the ransom," he says. "That amount of money set us back about two years" in terms of growing the business, he adds. "I had to scrounge around to get that money."
Despite A1Care's use of anti-malware software and some other security precautions, "I realized that the basic security that I had wasn't good enough to stop this ransomware," he says.
Since the attack, A1Care has been bolstering its security practices, including its network and database security, with the help of the cybersecurity firm BoldCloud, he notes.
What's his advice to other smaller healthcare organizations? "Always have a designated person to keep up with what's out there" in terms of the emerging cybersecurity threat landscape and the technologies and practices needed to defend against those threats, he says.
In the interview (see audio link below photo), Syddall also discusses:
- Other details of the ordeal his company went through in trying to mitigate and recover from the ransomware attack;
- Why he fired some employees in the aftermath of the attack in order to prevent other potential security breaches;
- Other top lessons he learned from the ransomware attack on his company.
Syddall is 25-year veteran in the healthcare industry, including the home healthcare field. Since the 2006 ransomware attack on his company, A1Care, he has been working with other smaller healthcare organizations to help them navigate the complexities of the security landscape.