By Art Gross, President and CEO, HIPAA Secure Now!
Twitter: @HIPAASecureNow
Read other articles by this author
The Background
Wolfe Eye Clinic is a healthcare provider located in Iowa. In business since 1919, they specialize in medical eye care and have 11 main eye care clinics across the state, and various other locations that offer treatments. According to their website, they treat approximately 700,000 patients. This seems to be a solid and well-respected healthcare business that knows what they are doing and has stood the test of time. And yet with “one fell swoop”, their business was broadsided by a cybercriminal – they thankfully remain still strong and standing.
In February of 2021, they were the target of a cyberattack when a third party attempted to gain unauthorized entry to the company’s computer network. This resulted in access to some of the system’s information and hardware being blocked for users. Wolfe Eye Clinic acknowledged this and responded immediately. They hired independent IT specialists, forensic investigators, and a credit monitoring agency to handle any possible compromised data for affected individuals. A ransom was not paid, but the circumstances and scope of the cyberattack were not fully realized until May 28, 2021. Nearly four months of effort to uncover what happened. That’s four months of a business possibly not making the expected amount of revenue, four months of having to hire experts and specialists to uncover what happened, and four months of uncertainty.
Every Business Is a Target
Unfortunately, many people tend to think “hackers aren’t interested in us, we’re not the big guys”. The reality is that ANY type of business is a target, especially those in healthcare. With the longevity and success of a business such as Wolfe, we can only assume that policies and procedures are in place to protect their business in a variety of ways. It appears that they did everything right in response to the cyberattack, and they were swift and efficient in their response. But as we read the story and see the press release that they had to create, the partnership with a credit monitoring company that they had to establish, and the other responses necessary to the attack, we are reminded of how much a breach can cost.
If it ‘had to happen’ then it seems that Wolfe Eye Care Clinic is a success story when it comes to being a victim of a cyberattack. When it happens to your business, will the same ring true? Are you aware of what a breach can cost you? We can help you to prepare for a breach in more ways than one and knowing what the financial risk is to your business is something you should know. Do you have any idea of what that amount is? Check out our Breach Cost Calculator and see if your guess is in line with what our years of industry experience have shown us.
A cyberattack is almost guaranteed – the rate of impact is not something anyone can predict, but we can help you to prepare.
This article was originally published on HIPAA Secure Now! and is republished here with permission. HIPAA Secure Now offers annual online subscriptions to help covered entities and business associates keep up with compliance. Learn more here.
HIPAA Secure Now! now offers PHIshMD training for CEs and BAs to help protect your organization from security threats.
Technology safeguards put a virtual wall around your network, but what happens when the bad actors climb over that wall? It’s up to your employees. Over 90% of breaches get caused by human error according to Kaspersky Lab, and if you’re not educating users HOW to protect your organization in this ever-changing threat landscape, your organization could be next. LEARN MORE