AUSTIN, Texas — Ascension Seton is still investigating a ransomware attack that happened last month.
The attack forced the hospital to switch to manual and paper-based systems, but it has now restored access to electronic documentation.
Whether you're on your laptop at home or you're one of the biggest health care providers in Central Texas, cybersecurity experts say you can still have your data breached.
“It’s gotten progressively worse every year. I foresee it continuing to,” Shelby Staffel, IT GOAT’s chief information officer, said.
IT GOAT is a cybersecurity company that helps protect other people's data, including in Austin. Staffel said the ransomware attack at Ascension Seton last month is just one example of many breaches nationwide last year.
“In 2023, $1 billion was paid in ransomware payments. And so, they are going to continue to hammer us as long as there's a financial gain there,” Staffel said.
He said ransomware is when a hacker locks up data into an encrypted file that no one can access, essentially holding it hostage. The higher value the data is, the bigger the potential payout.
“What is not more high value than a bunch of medical records? There's an incentive there for the hospital to pay it because now they can't work on anybody. It's become a medical emergency,” he said.
Staffel said the hospital and its cybersecurity team has likely reverted to a backup of the previous system.
“The only real recourse that a company has is to revert to the backup sets that they have either the day, the week, the month before,” he said.
But what happens to people's data that’s been potentially leaked?
“Now you become a commodity. You start being traded on the dark web,” he said.
Staffel said you can hire services like Black Point or Life Lock that can monitor the dark web and your credit for you, but even if you do find your information there, there is no recourse
“You can't contact them and ask them to remove it,” Staffel said.
Staffel said the best way to protect yourself is to stay vigilant and educate yourself.
“Don't ever open any emails that you aren't expecting. Don't ever download any attachment you aren't expecting. I hate to say it, but you have to be very paranoid,” he said. “If you don't understand technology, find somebody that does understand technology and ask them these questions.”
Staffel also said you should be constantly changing your passwords and not reusing the same one.
He said hacking can happen as easily as clicking a link, so he also encourages cybersecurity training.
KVUE reached out to Ascension Seton about how it's recovered its data and if anyone has had their information leaked. The hospital said it would not comment on the situation at this time.