(800) 869-8643

ghayes@hayesbrokers.com

Case Study: Dental Office Ransomware

Case Study: Dental Office Ransomware

We’ve discussed in previous blog posts about how ransomware has affected cities across the United States. Today, we want to show how ransomware can affect your business and those around you.

Recently hundreds of dentist offices around the country were struck by a ransomware issue. Dentists across the country were unable to access patient records, scheduling, x-rays, and client payment accounts due to ransomware that had not been downloaded by their individual offices.

Here’s What Happened

On August 29, 2019, CNN and other news outlets reported that dental offices around the country were unable to function due to ransomware attacks. The ransomware was not isolated to each individual office. It was actually coming from a centralized location.

These offices utilized the services of third-party providers for their payment systems, scheduling, and storage of patient records. Two companies providing these services had been hit with ransomware attacks, disabling not only their systems but the offices for which they provided services.

Here’s What Happened Next

Over 400 dental offices around the country were affected. Those offices were unable to access records, unable to treat patients and unable to accept payments for several days after the attack while the third-party companies worked to restore access to client records for these offices.

The individual dental offices were financially affected because they were unable to service clients on those dates. There was also confusion due to their inability to access scheduling records.

Cyber Liability Insurance To The Rescue

The third-party vendors reported that around 100 clients (and possibly more at press time of this blog) had systems restored due to their efforts. It is believed they used a decryptor but may have also paid the ransom to regain access to client files.

Cyber Liability insurance may have played a part in the ability to pay the ransom and/or pay for the extraordinary measures required to regain the access lost due to ransomware. In events such as these companies will work with their cyber liability insurers to determine the best and most cost-effective way to return to business as usual.

What You Should Be Asking

Any business in any industry that utilizes third-party software vendors for cloud storage, client records, or payment systems should make sure that said vendor has cyber liability insurance. While some third-party vendors may have commercial insurance, others may self-insure. Having cyber liability insurance is important, but third-party software and web service providers should also have adequate limits.

If a large third-party company with lots of clients only has $1,000,000 in cyber liability coverage but also has thousands of customers, this limit may not be enough to pay all claims. The larger the client base, the higher your limits should be.

Even if your third-party vendor has cyber liability insurance coverage, it would be wise to also purchase your own coverage, just to be sure that your own claims get paid, especially in the event that hackers attack your internal business systems, those not provided by another company.

In these days of online everything, we cannot stress enough how important cyber liability insurance is to your business and the business that you do business with. Call Hayes Brokers today to find out how cyber liability insurance can protect your business.

Submit a Comment

Your email address will not be published. Required fields are marked *