LSU hospitals latest health system hit by cyberattack

The hospital system of Louisiana State University (colloquially known as LSU) has experienced a cyberattack, another in a growing and worrisome line of incidents against health systems. This information became known publicly due to a press release from the LSU Health New Orleans Health Care Services Division. According to the press release, LSU became aware of a breach that gave access to an employee’s emails. The data accessed specifically was related to patients who had received treatment at the following hospitals:

  • Lallie Kemp Regional Medical Center (Independence)
  • Leonard J. Chabert Medical Center (Houma)
  • W.O. Moss Regional Medical Center (Lake Charles)
  • Earl K. Long Medical Center (Baton Rouge)
  • Bogalusa Medical Center Bogalusa University Medical Center (Lafayette)
  • Interim LSU Hospital (New Orleans)

LSU Health Care Services Division believes the intrusion began on Sept. 15 and ended about three days later. Why it took two months to notify patients most likely has to do with the ongoing investigation with law enforcement. It isn’t unheard of for federal investigators and local law enforcement to hold off releasing information until they have a relatively solid understanding of the cyberattack.

As far as the actual data in question, while none of the data is believed to have been used in the wild, LSU states that the following was open to being accessed by the unnamed intruders:

The type and amount of patient information varied by location of care and each email message but may have included: patients’ names; medical record numbers; account numbers; dates of birth; Social Security numbers; dates of service; types of services received; phone numbers; and/or addresses; and insurance identification numbers. A few contained a patient’s bank account number and health information including a diagnosis.

Especially in the time of this COVID-19 pandemic, hospitals have seen a massive spike in attacks. The stressed health-care system — namely its stressed workers — are being pushed to the brink. The last thing on their minds is cybersecurity protocols when they have lives to save during an outbreak.

This is what cybercriminals are banking on, and sadly, it is working. It certainly did with the LSU health system cyberattack.

Featured image: Pixabay

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

SolarWinds investigation uncovers new Raindrop malware

Raindrop is just the latest in a series of high-threat malware that has been uncovered…

6 hours ago

Why you should consider using split tunneling for Microsoft 365 traffic

VPNs and Microsoft 365 are both hot — and this has created a traffic jam.…

9 hours ago

Top open-source CNCF security projects and why they matter—Part 2

In part 2 of our series on CNCF security projects, we look at four additional…

12 hours ago

Top open-source CNCF security projects and why they matter—Part 1

Security is crucial as organizations adopt cloud-native technologies. Not surprisingly, the CNCF is leading the…

1 day ago

Best of CES 2021: All the top announcements and unveilings

As usual, CES 2021 kicked off the New Year with a dazzling display of new…

1 day ago

These are 10 of the hottest IT security careers today

While nearly all IT jobs are expected to see rising demand well into the future,…

2 days ago