Source 1 | 2024-10-30
“An upstate New York-based medical specialty practice must spend $2.25 million to improve and maintain its data security practices over the next five years, plus pay state regulators up to a $1 million penalty following an investigation into two ransomware attacks just days apart in 2023 that affected nearly 224,500 patients and employees. “
“Under the agreement with the New York State Attorney General Office, Albany ENT & Allergy Services P.C. must implement and maintain a long list of data security practices and improvements over the next five fiscal years, spending at least $450,000 annually. In addition, AENT also must shell out a $1 million penalty in two $250,000 installments, with a final $500,000 payment suspended if the practice meets the requirement of spending at least $450,000 per year on its data security. “
“AENT, an ear, nose, throat and allergy practice with multiple sites around Albany, New York, does not have its own in-house IT or security teams, and outsources those functions to third-party vendors, state documents in the case said. “
“ Two different ransomware threat actors launched the 2023 attacks on AENT, both leaking data stolen from the practice on the dark web, settlement documents said. “
Guarding Against Ransomware
Cybersecurity for Critical Infrastructure
SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.
