The article says "No patient or employee data appears to have been accessed, copied or otherwise compromised.". And yet the attack seems too have potentially attacked every computer in the health service. If they don't have patient or employee data on them, what do they use their computers for? Playing Tetris?
Disclaimer: I don't know how this specific chain does their security/it.
There are many ways the endpoints can be owned but not the data. One option common in healthcare is that the computers are dumb terminals for sessions on a remote server. Another is that to access the data you have to authenticate with a physical smart card.
As long as it's confirmed that the ransomware only attacked the endpoints and no active data exfil was attempted (or hasn't succeeded), the statement may be completely true.
What sort of regulatory process does software used in a hospital need to undergo? I'm aware of patient privacy requirements like HIPAA, are there others?
Starting to look like a pattern, this is several major companies getting ransomed in the last month. Probably organized crime. Ransoming a hospital is especially egregious, so I hope the perpetrators are caught.
Oh yeah, definitely that big bad organized crime. Evil people just being evil because they are evil, probably cackling right now, too.
Or maybe it's a moderately-skilled person in an underdeveloped country, who, despite being moderately skilled, has no legitimate opportunities. Maybe the person responsible even has mixed feelings about it. Who knows?
That poor US hospital, I'm sure it is a bastion of fairness and equality for all. I'm sure this wasn't facilitated by their own greed and negligence.
Save your pearl clutching for nextdoor. Here we like to understand the factors that lead to a particular outcome, rather than moralizing hysteria.
Name for the business you want rather than the customer base you have.
edit: apologies for the jokey answer but it's a serious point. I don't think it's an ironic name for a private company at all. If I'm selling healthcare services of course I want 100% of people buying them from me, ideally with the only competition being my subsidiaries.
How so? "Universal healthcare" just mean everybody has healthcare. It doesn't mean it has to be provided by, or be paid for by the government. Several European countries (eg. Germany, Switzerland, Netherlands) all have universal healthcare that's at least somewhat privately funded.
[+] [-] martyvis|5 years ago|reply
[+] [-] viraptor|5 years ago|reply
There are many ways the endpoints can be owned but not the data. One option common in healthcare is that the computers are dumb terminals for sessions on a remote server. Another is that to access the data you have to authenticate with a physical smart card.
As long as it's confirmed that the ransomware only attacked the endpoints and no active data exfil was attempted (or hasn't succeeded), the statement may be completely true.
[+] [-] gruez|5 years ago|reply
[+] [-] afrcnc|5 years ago|reply
also the linked article doesn't say anything about 250 facilities
think they intended to link this article: https://abcnews.go.com/Health/wireStory/hacked-hospital-chai...
[+] [-] andrewjl|5 years ago|reply
[+] [-] Maven911|5 years ago|reply
[+] [-] fallingfrog|5 years ago|reply
[+] [-] ficklepickle|5 years ago|reply
Or maybe it's a moderately-skilled person in an underdeveloped country, who, despite being moderately skilled, has no legitimate opportunities. Maybe the person responsible even has mixed feelings about it. Who knows?
That poor US hospital, I'm sure it is a bastion of fairness and equality for all. I'm sure this wasn't facilitated by their own greed and negligence.
Save your pearl clutching for nextdoor. Here we like to understand the factors that lead to a particular outcome, rather than moralizing hysteria.
[+] [-] danthemanvsqz|5 years ago|reply
[+] [-] choward|5 years ago|reply
[+] [-] dc3k|5 years ago|reply
[+] [-] Scoundreller|5 years ago|reply
[+] [-] unknown|5 years ago|reply
[deleted]
[+] [-] ZeroCool2u|5 years ago|reply
[+] [-] dang|5 years ago|reply
[+] [-] rbanffy|5 years ago|reply
[+] [-] rathertrue|5 years ago|reply
[+] [-] BuildTheRobots|5 years ago|reply
edit: apologies for the jokey answer but it's a serious point. I don't think it's an ironic name for a private company at all. If I'm selling healthcare services of course I want 100% of people buying them from me, ideally with the only competition being my subsidiaries.
[+] [-] jrott|5 years ago|reply
[+] [-] gruez|5 years ago|reply
[+] [-] hikerclimber1|5 years ago|reply
[deleted]
[+] [-] mightytravels|5 years ago|reply
[+] [-] SkyPuncher|5 years ago|reply
[+] [-] DudeInBasement|5 years ago|reply