Imperial Health sends patient notices after cyber ransom attack

Updated: Aug. 2, 2019 at 7:47 PM CDT
Email This Link
Share on Pinterest
Share on LinkedIn

LAKE CHARLES, La. (KPLC) -Patients of Imperial health have received letters in the mail concerning a cyber security problem that occurred in May.

Imperial health isn't the first and won't be the last to send letters to customers about unauthorized disclosure of information for patients.

The letter says in May, someone used a malicious virus to encrypt data in their computer system. They then tried to get Imperial to pay money to restore access to the system.

Commander Gene Pittman says both CPSO and the FBI are investigating.

“We determined that there was what we call ransom ware, so essentially, ‘Hey, we’ve got your information, we’ve got it locked up. We’re not going to allow you to have access back to it until you pay what they call a ransom.’ And most of the crypto currency or bit coin, or whatever. If you pay the currency, then we’ll release your information to you and with each passing minute the price goes up,” he said.

Investigators say they are working to try to identify the source of the malicious computer virus at Imperial.

A spokesman for Imperial says no ransom was paid and that the notices were sent out of an abundance of caution because they do not believe any patient information was taken. Also, they say Imperial was able to restore all patient files from backups.

The letter sent to patients says they recommend patients take the following steps to protect themselves from potential harm from the incident:

Register a fraud alert with the three credit bureaus:

-Experian: (888) 397-3742

-TransUnion: (800) 680-7289

-Equifax: (800)525-6285;

-Monitor credit card statements, EOBs and credit bureau reports closely.

The letter goes on to say, "If you determine that your information has been compromised, notify your local law enforcement agency to assist in further investigation. Additionally if you suspect identity theft, contact the Federal Trade Commission at 877-ID-THEFT (877-438-4338) and the Louisiana Attorney General’s Office at 800-351-4889.

The company also supplied a phone number for customers to call.

Still, such notices come in the mail so often, many people are desensitized and often ignore them. Cyber security consultant Vic Wukovits says people should pay close attention and always change passwords.

“You should also be using a different password for every account you have. It gets very, very convoluted and complex to try to remember all that stuff and that’s why there are programs to allow us to do that easily like lastpass is one I recommend, but that way you can keep a different password for each account,” said Wukovits.

If you do get notified of an actual breach, he says it’s important to find out what data was compromised. While your name and street address are likely out there on public records, other information he says you should keep closer to your chest include your email, your date of birth, a card number. He says crucial personal information should cause a “red alert" for people.

“Social security number, your actual credit card numbers, passwords to these accounts. If that data is out there you need to take action immediately,” he said.

First and foremost, he says change passwords. He emphasizes keep them safe and keep them different. Then he says contact financial institutions, depending on the type of data breach that occurred. (No financial information was accessed or encrypted in the Imperial Health incident.)

Otherwise he says criminals might take your information and use it to take out lines of credit and causing it to appear you owe money you don’t. He says financial institutions can put flags on your account.

Wukovits also recommends contacting the three credit bureaus who can notify you if someone tries to open up a line of credit.

He says people can continually audit and improve on their security practices.

Also, he says there are dark web monitoring services who can let people know if their information has been breached. Wukovits owns Bayou Technologies.

Copyright 2019 KPLC. All rights reserved.