System hacked sign
(Photo credit: Sashkinw/Getty Images)
System hacked sign
(Photo credit: Sashkinw/Getty Images)

A recent cyber incident involving a Kansas-based long-term care provider points to the need for such organizations to strengthen their cybersecurity preparedness. 

Medicalodges, a company that operates 30 facilities in Kansas, Missouri and Oklahoma, was one of two companies targeted by the Karakurt Ransomware Extortion Group, KSN-TV in Kansas reported in April.  

Medicalodges CEO Scott Hines acknowledged that a “cybersecurity incident” occurred in March but said the company still is investigating whether any personal healthcare data were breached. 

“We are currently treating it as a cybersecurity incident,” Hines told McKnight’s Tech Daily Friday. “We did not determine it to be a breach. We brought in a team of cybersecurity experts to assist us in the investigation, but as of this point the investigation is still ongoing.”

Hines said the company did receive an email from the hacking group at the time the incident occurred but “we did not respond to it upon the advice of our cyber team.”

“We did not enter into any dialogue with the threat actor, but it was a group our cybersecurity team was familiar with,” he said. 

KSN-TV reported the Karakurt ransomware group claimed to have obtained approximately 170 GB worth of Medicalodges data, including Social Security numbers, client nondisclosure agreements and medical diagnoses, but those claims could not be verified as of late last week.

Medicalodges provides residential and other services for older adults and people with developmental disabilities, including independent living, assisted living/residential care, skilled nursing, home care, rehabilitation, specialized care, outpatient therapies and adult day care, according to its website.

‘Malicious’ attacks

Bill Ramsey, CEO of Soteria Technology Solutions, a cybersecurity company in Wichita, KS, said the Karakurt ransomware group that targeted the company has been involved in several other high-profile cyber attacks. 

“They’re pretty malicious,” he said. “They’re responsible for a handful of pretty significant breaches.”

In August, the US Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center issued a warning that the Karakurt ransomware group was targeting healthcare organizations after four providers were victims of attacks. Among the companies targeted were an assisted living provider, a dental firm, a health clinic and a hospital. In December, a life plan community reported that it was a victim.

Ramsey, whose company is not affiliated with Medicalodges but does provide cybersecurity services to other long-term care providers, said senior living and care organizations often are considered relatively easy targets for cybercriminals because they typically have limited cybersecurity staff, budget and training. He advises all healthcare organizations to make sure they are protected against cyberattacks with strong antivirus software and firewall protection and are training staff members to be aware of potential risks such as phishing attacks. 

Many organizations also have a Security Operations Center to monitor suspicious cyber activity on their systems and employ outside cybersecurity experts to strengthen their cyber defense network, he said.