Cleveland Medical Associates was hit with ransomware back in April and has ordered identity protection service for the roughly 22,000 patients whose identities were at risk.

“Wait a second,” you might be saying. “They need to order identity protection service because of ransomware?”

Possibly. Regulators are starting to classify ransomware as a data breach, particularly in the healthcare industry where any sort of access to private health data could be a HIPAA violation. After all, the malware locks away data, so it is possible that it could access it as well.

The best way to prevent a ransomware infection, or most any malware infection, is to make sure your employees receive security awareness training. A large portion of infections result from opening infected email attachments or visiting malicious websites.

Update: A previous edition of this post named the victim as the Cleveland Clinic instead of Cleveland Medical Associates.

Comments are closed.