The first ransomware victim fined for a data breach by the Department of Health and Human Services (HHS), Massachusetts-based Doctor Management Group has agreed to a $100,000 settlement and three years of HIPAA compliance monitoring. The company was attacked with GandCrab ransomware in 2019, but the breach was traced back to April 2017. HHS found potential HIPAA violations, including a failure to conduct an accurate security risk analysis.
Rampant ransomware attacks have hit the healthcare industry, with incidents increasing by more than 600%, costing an average of $10 million per breach. This has