The Florida Department of Health has been targeted in a significant ransomware attack that has disrupted the state’s ability to issue death and birth certificates, raising concerns about the security of sensitive patient data.
The ransomware group, RansomHub, claimed responsibility for the attack, stating they have stolen 100 gigabytes of data which they threaten to publish by Friday if a ransom is not paid. However, Florida law prohibits state and local governments from paying such extortion demands, and there is no guarantee that cyber criminals will honor their promises even if paid.
The attack has severely affected the department’s online Vital Statistics system, which processes certificates for births, deaths, divorces, marriages, and apostilles. As a result, funeral directors are unable to submit death information online, forcing them to complete death certificates by hand and deliver them to health departments for processing. This manual process creates significant delays, making it challenging for people to obtain the necessary documentation to bury or cremate their loved ones.
Reginald McKinney, a funeral director at McKinney Family Funeral Home, explained the complications: “When we take a person to the cemetery, we have to have a burial permit, not necessarily the death certificate completed but we would have had to contact the signing physician for that physician to agree that he will sign the death certificate before that person can be buried in a cemetery or actually be cremated.”
The disruption in the issuance of death certificates has broader implications for families, delaying their ability to access social security, veteran’s, or retirement benefits, probate estates, and make insurance claims. This interruption underscores the critical role of the Vital Statistics system in supporting timely administrative processes for families dealing with the death of a loved one.
Data Security Concerns
The Florida Department of Health oversees a vast network, including a central office, 67 county health departments, eight children’s medical services area offices, 12 medical quality assurance regional offices, nine disability determination regional offices, and three public health labs. The breach potentially puts sensitive patient data at risk across these various branches. The extent of the data stolen and the specific nature of the information remains unclear, heightening concerns about the potential misuse of personal health information.
This attack is not an isolated incident for RansomHub. The group has a history of targeting healthcare organizations. Earlier in 2024, RansomHub was involved in the aftermath of a ransomware attack on Change Healthcare. Initially, the cyber crime group BlackCat hit Change Healthcare and was involved in extortion.
Following internal conflicts within BlackCat, the group apparently dissolved, and RansomHub subsequently claimed to have access to the stolen data from Change Healthcare.
In response to the attack, the Florida Department of Health is working to restore its systems and mitigate the impact on affected services. The department has not disclosed detailed information about the measures being taken to address the breach and protect the data. Given the prohibition on paying ransomware demands, the focus is likely on strengthening cybersecurity defenses and exploring options for data recovery without yielding to the extortionists’ demands.
Related topics:
- WHO Launches MeDevIS Platform to Enhance Access to Medical Technologies Worldwide
- White House Addresses Concerns Over President Biden’s Health Amid Debate Fallout
- Health Secretary and NHS CEO Champion Primary Care Revival During London GP Surgery Visit
