As technology advances, so does cyber crime. There are many benefits for care providers in going digital, but as this care service found out, it is crucial to have systems in place so that you do not become vulnerable to cyber criminals.
As part of Cyber Security Awareness month, we spoke to a supported living and home care provider (who wishes to remain anonymous) and heard how they fell victim to a ransomware attack.
An old server that ran employee rosters and contained some client files was breached. As the service employs over 100 people, this had major implications for client care and delivery. As the care service manager explains:
“The first thing we knew about it was when we tried to log in to our server. We got a notice saying that we needed to pay a Bitcoin ransom in order to access our data. It felt like a great invasion of our organisation, but thankfully we are a strong team and we really pulled together. We had paper records of the staff rosters for the first couple of weeks. Plus we had recent print-outs of our clients’ records and plans so we could work from there and rebuild.”
The service briefed the Information Commissioner’s Office, staff, families and people who used their services about the incident and the steps they were taking to manage it. Fortunately, they also had cyber security insurance and found the arrangements to be very helpful and supportive.
It turned out that cyber criminals had entered the system through a ‘port’ that was originally set up by a small IT company so they could support the provider remotely if needed. No one was aware that the password was not robust enough, and they later found that the IT company no longer provided support and did not exist.
Investigations by the insurers found that no data had been downloaded from the server but, as the service manager explains, the experience demonstrated just how easily the situation could have escalated.
“The key thing we learned was to check our back-ups. We had a plan but the remote back-up wasn’t backing up. The local back-up was plugged in to the server so that was affected by the attack too.”
“Since the attack, we have also completed our Data Security and Protection Toolkit and in doing so have arranged to change passwords on a regular basis; introduced a two-stage authentication to access the server; included cyber security in our business continuity plan; and trained our staff on cyber security awareness. So, the DSPT was a really useful checklist to help us improve.”