Decatur County General Hospital is notifying 24,000 patients of cryptomining software on its EMR system.
In what may be the first report I’ve seen of a hospital having their EMR server hit with cryptomining malware, Decatur County General Hospital in Parsons, Tennessee started notifying 24,000 patients on January 26.
On November 27, 2017, the hospital received a security incident report from its EMR system vendor, which said unauthorized software, designed to mine cryptocurrency, had been installed on the server supported by the vendor. An ongoing investigation has indicated an unauthorized attacker accessed the server with the EMR system and injected the software.
The hospital's EMR server contained data including patient names, addresses, birthdates, and social security numbers, as well as diagnosis and treatment data. There is no evidence either type of data was taken or viewed, and so far it doesn't seem data theft was the attacker's goal. However, the hospital cannot definitively prove data was not compromised and is therefore notifying patients.
DCGH has not named the EMR system vendor and is offering patients the myTrueIdentity online credit monitoring service for one year. Read more details at databreaches.net here.