Life Healthcare reveals damage caused by data breach
Life Healthcare Group, the second largest private hospital operator in SA, says it has “substantially” restored its IT systems following the cyber attack that crippled its operations in June and July.
The hospital group was hit by the cyber attack, in the midst of the COVID-19 outbreak, in the second week of June.
Life Healthcare did not revealed the nature of the security breach at the time and was forced to bring in external cyber security experts and forensic teams “to advise and supplement internal teams and capacity”.
In a trading update today, the hospital group says the attack has now been contained and for the first time revealed how the attack impacted on its operations.
“As previously communicated, the group’s southern African business was a victim of a malicious cyber attack by criminals. The manual backup processes, brought into effect as a result of the attack, impacted the ability of the southern African operations during the month of June and part of July 2020 to complete patient billing, submit claims to medical aids, process supplier invoices and produce financial results,” says Life Healthcare.
“The group was able to substantially restore its IT systems at the beginning of July 2020 and has since then been able to materially operate as normal.”
More entities in SA have been targeted by cyber criminals in recent weeks.
Last week, ITWeb reported insurer Lombard Insurance is working with the Information Regulator and South African authorities after suffering a data breach.
The company said independent ICT and forensic experts were working with the insurer’s internal team to analyse the breach and systematically restore the integrity of its systems.
The company reported the matter to authorities and an investigation is under way.
Similarly, two weeks ago, Experian, a consumer, business and credit information services agency, announced a breach of data which exposed some personal information of as many as 24 million South Africans and 793 749 business entities.
In the same week, financial services provider Momentum Metropolitan also confirmed it had been hit by a cyber attack.
Momentum said it became aware of a data breach on its network on 13 August and immediately activated its IT security incident plan, which included the implementation of additional systems monitoring and the reinforcement of its IT security strategy.