BOISE, Idaho — An alleged cyber-security incident at a healthcare institution in Idaho has been ongoing for roughly a month.
Weiser Memorial Hospital (WMH) in Weiser, Idaho, said it has been experiencing issues with its computer systems. The issues were first announced on Sept. 5 in a Facebook post stating the computer systems were down, and some delays could be expected for some services.
WMH provided similar updates in additional Facebook posts on Sept. 6 and Sept.19, ensuring patients they were still working to restore their systems fully.
They initially described the incident as network issues and now say they are still in the process of fully understanding the situation.
On Wednesday, WHM gave a statement regarding the situation to KTVB and then posted it on their Facebook page.
“Weiser Memorial Hospital (“WMH”) recently experienced a cybersecurity incident involving our computer systems. Immediately upon learning of this activity, WMH took action to secure our environment and launched an investigation to better understand what information was potentially impacted. The investigation into the incident remains ongoing.
We are aware that a cyber actor group has claimed responsibility for this incident, and to be in possession of WMH data. We are in the process of researching these claims, determining if they are factual, and the possible scope of potentially affected data. Should it be determined that any sensitive data was involved, we will notify individuals in accordance with applicable law.
The protection of patient and employee information is a top priority to WMH, and this incident is being taken very seriously. We are committed to continuously improving our cybersecurity controls and will be evaluating security enhancements that can be implemented to reduce the likelihood of a similar incident reoccurring. Further information will be released should Weiser learn of new developments during the ongoing investigation.”
WHM clarified that the investigation is still ongoing.
Cybersecurity expert and Vice President of Strategy at New Harbor Security, Jack Danahy, has weighed in on the topic, providing suggestions for the public if they do experience a cybersecurity breach.
“Keep an eye out for statements from your healthcare provider or your insurance insurer that gives you records of treatment you didn't get,” Danahy told KTVB on Wednesday.
“I think what's happening is this rapid expansion of technology. The applications of new things like artificial intelligence and analytics, that easy connectivity between systems so they can all talk,” Danahy said about technological advancement.
Danahy encourages everyone to continually take proactive measures with cybersecurity.
One proactive measure that’s becoming increasingly common is installing two-factor authentication (2FA) on network systems.
Two-factor authentication requires different forms of identification to access a system.
In this ongoing investigation, WHM says they are aware of a cyber group claiming responsibility for this network incident.
The group also claims to have data from WHM.
WHM said this has not been verified as factual, and they are still looking into those claims.