Richmond University Medical Centre (RUMC) in Staten Island, New York, has been dealing with a significant cybersecurity risk since May 2023, following a major ransomware attack. The breach severely disrupted operations and, according to reports, exposed the personal information of over 670,000 individuals.
According to initial findings, the ransomware attack had no effect on the electronic health record (EHR) systems of Richmond University Medical Centre (RUMC).
However, further investigations revealed that attackers accessed or exfiltrated other critical data from the hospital’s network in early May. The breach caused weeks of operational disruption, leading to a thorough investigation to determine the extent of the attack and quickly restore services.
In a security incident alert, the hospital said:
“Once the investigation determined what files may have been accessed or removed from our network, we located a copy of each file and then undertook a manual review process of those files to determine whether they contained any sensitive personal information or personal health information.”
On December 1, 2024, investigators confirmed that sensitive personal data was exposed as a result of the cyberattack on RUMC. The compromised data included names, Social Security numbers, driver’s licence or state ID numbers, dates of birth, financial and payment card details, biometric data, user credentials, and medical and health insurance information.
Despite the seriousness of the breach, RUMC has not disclosed details of the attack, including the identity of the ransomware group involved. So far, no ransomware group has taken responsibility for the incident.
RUMC’s Response and Recovery Efforts
One concerning factor is the significant delay in notifying those affected by this incident. Although the attack occurred in May 2023, RUMC did not inform the Department of Health and Human Services (HHS) or state attorneys general until December 2024, more than 18 months later.
The delay in alerting victims left them exposed to misuse of their stolen information. A comprehensive 12-month credit monitoring program is being extended to anyone whose Social Security number may have been compromised. Financial or reputational damage could already have occurred by the time help was available.
The hospital limited disruptions to nighttime trauma and stroke treatment by continuing to provide critical patient services in spite of the breach. With the help of a cybersecurity company, a recovery team tried to repair systems, analyse the impact on patient data, and estimate the extent of the damage. Throughout the incident, emergency care and admissions proceeded as usual.
Improving cybersecurity needs a proactive and realistic strategy. Companies should utilise cutting-edge techniques to identify suspicious behaviour early, train employees to identify such risks, and upgrade their systems on a regular basis.
Encryption protects sensitive information, making it unreadable to cybercriminals even if stolen. A well-tested incident response strategy ensures prompt action in the midst of a cyberattack, and effective communication procedures help to promptly inform authorities and impacted individuals.
Routine audits are also needed to identify and fix vulnerabilities in how data is stored and accessed. By keeping detailed records of data transactions, businesses can better investigate and recover from incidents, staying one step ahead of cyber threats.
The RUMC breach highlights the significance of complying with data protection requirements such as HIPAA. Healthcare organisations must take precautions to secure patient data and quickly disclose breaches.
Noncompliance can bring heavy fines and long-term harm to a company’s reputation. In this situation, the delay in communication could lead to regulatory scrutiny and legal action from impacted individuals.