NY AG Fines US Radiology $450K After Unpatched Bug Led to Ransomware Attack

cyber attack

One of the nation’s largest private radiology companies agreed to pay a $450,000 fine after a 2021 ransomware attack led to the exposure of sensitive information from nearly 200,000 patients.

In an agreement announced Wednesday, New York Attorney General Letitia James said US Radiology failed to remediate a vulnerability announced by security company SonicWall in January 2021.

US Radiology used the company’s firewall to protect its network and provide managed services for many of its partner companies, including the Windsong Radiology Group, which has six facilities across Western New York.

The vulnerability highlighted by the attorney general — CVE-2021-20016 — was used by ransomware gangs in several attacks, The Record reports. Read more

Total
0
Shares
Related Posts
Read More

Exclusive: Digital Front Door – An Investment in Consumer Convenience

Despite what the name suggests, the digital front door is more than just an entry point. It is a whole new, digital approach to the way patients access and register for their care, and a new approach to their entire experience and way of engaging with the care system. It affects many steps, including search for care, finding a doctor, pre-visit checks and post-visit procedures, including payments, and follow-ups.