top of page

Cybersecurity and Medical Groups

City of Hope Pwned

Charles Parker


The list of medical companies being compromised continues to grow. It seems like very

day there are more of these. The reach of the issue goes far beyond the company or practice

and to the patients who have to deal with this for years and years, always watching if their tax

return has been fraudulently filed, new credit cards opened by someone in the victim’s name, or

simply their identity stolen for whatever purpose the adversaries want.


A successful attack was on the City of Hope. This is a cancer treatment center. The City

of Hope (on a tangent, of all the potential targets a cancer treatment center was chosen?)

detected unusual activity on one of their systems around October 13, 2023. Upon verifying the

issue, the security team went into incident response mode and began to put their plans into play

to stop the continued internal growth of the attack.


While they were diligent, the adversary did gain unauthorized access/foothold to a

portion of their systems and were able to copy files with sensitive, personal data. The data set

would be perfect for the adversaries to sell in whole or cut into pieces. This included the

patient’s name, email address, phone number, date of birth, social security number, driver’s

license number or other government ID, their financial details, health insurance information,

medical records, and more. For each person this is a treasure trove. In this incident, 827,149

people were affected.


As part of the post-incident, the City of Hope did notify the Attorney General’s Office. The

organization also led an investigation into the attack.


About the author-

Charles Parker II has been working in the info sec field for over a decade, in the banking,

 medical, automotive, and staffing industries. Charles has matriculated and attained the MBA,

 MSA, JD, LLM, and is in the final stage of the PhD in Information Assurance and Security

 (ABD) from Capella University. Mr. Parker’s areas of interest include cryptography, AV, and

 SCADA.

Comentários

Featured Posts
Check back soon
Once posts are published, you’ll see them here.
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page