Source 1 | 2024-10-30
“An upstate New York-based medical specialty practice must spend $2.25 million to improve and maintain its data security practices over the next five years, plus pay state regulators up to a $1 million penalty following an investigation into two ransomware attacks just days apart in 2023 that affected nearly 224,500 patients and employees. “
“Under the agreement with the New York State Attorney General Office, Albany ENT & Allergy Services P.C. must implement and maintain a long list of data security practices and improvements over the next five fiscal years, spending at least $450,000 annually. In addition, AENT also must shell out a $1 million penalty in two $250,000 installments, with a final $500,000 payment suspended if the practice meets the requirement of spending at least $450,000 per year on its data security. “
“AENT, an ear, nose, throat and allergy practice with multiple sites around Albany, New York, does not have its own in-house IT or security teams, and outsources those functions to third-party vendors, state documents in the case said. “
“ Two different ransomware threat actors launched the 2023 attacks on AENT, both leaking data stolen from the practice on the dark web, settlement documents said. “
Ransomware Resources
Cyber-Protecting Our Nation’s Critical Infrastructure
At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.