The Federal Bureau of Investigation recently concluded the investigation pertaining to the recent malware attack that targeted UVA Health devices. According to an FBI spokesperson, during the December 2017 hacking, over 1,000 patient health records were exposed, containing diagnosis, treatment, and home addresses. The man behind the attacks was allegedly taken into custody.
UVA Health Physician Devices Hacked, Thousands of Patients Exposed
The FBI revealed that, in December 2017, following a complain received by the UVA Health Systems, the agency discovered that an individual managed to plant a malware device, which granted him view rights of patient records stored physicians’ electronic devices.
Although the malware injection was discovered in late 2017, the agency has reasons to believe that the UVA Health Systems were exposed back in 2015, on the 23rd. Although the person behind this attack has had access to personal data for 19 months, the authorities have no reasons to believe that the individual viewed the records or used the stolen data for nefarious purposes.
According to the FBI official, the individual has been taken into custody and formally charged, but no name was released.
The report shows that after the attack, the hacker gained access to 1,882 patient records, documents which, according to the FBI, contained diagnosis, treatment schemes, names, and home address. Fortunately, the exposed UVA Health System records did not contain financial data such as credit card details.
Following the incident and the individual’s arrest, UVA Health Systems extended a formal apology to all patients whose medical history has been exposed and assured them that the company has taken ample steps in order to prevent a similar event in the future.
As for the individual behind these attacks, the only details released by the FBI were that he was operating from within the United States and that he was acting alone.
Image source: Wikipedia