Cyber Attack on a Clinical Trial Software Provider eResearchTechnology

eResearchTechnology in Philadelphia is a company marketing software for clinical trials, for instance, the clinical trials relating to Covid-19 vaccines. The company experienced a ransomware attack last September 20, 2020 that affected several clients, including one organization engaging in Covid-19 vaccine testing. As a result of the attack, certain clinical trial researchers needed to use pen and paper to record their patients’ data. Though patient safety was not at risk, the attack impacted the clinical testings and delayed the process.

The ransomware attack impacted IQVIA, the research group doing clinical trials of the AstraZeneca’s Covid-19 vaccine. Although it’s not certain yet how severe was the attack’s impact on the Covid-19 vaccine trial. The ransomware attack furthermore impacted the company Bristol Myers Squibb, which is leading the creation of a coronavirus rapid test. The two corporations reported that the impact of the attack was not much because they possessed backup copies of data that can be employed to recover files. IQVIA published a statement that it didn’t know if any confidential data related to the clinical trials were exfiltrated by the attackers prior to the encryption of files.

eResearchTechnology de-activated its computer systems after the ransomware attack, . Private cybersecurity experts helped investigate the breach and restore the data. The Federal Bureau of Investigation (FBI) additionally got a report concerning the attack and is looking into it. Some systems were taken off the internet for around two weeks and were just restored online on October 2, 2020. The firm is thinking of restoring the remainder of its systems on the web in the next few days.

There is insufficient detail with regards to the threat group that performed the attack, the variant of ransomware, and whether the firm paid the attackers their ransom demand to obtain the decryption keys.

eResearchTechnology’s software system is extensively used in various clinical trials. In 2019, eResearchTechnology software was used in around 75% of all drug clinical trials that resulted in approvals.

The ransomware attack was reported a few days after the ransomware attack on Universal Health Services, which allegedly affected all U.S. zones and so its systems were shut down. Patients had to be brought to alternative healthcare organizations. The report of Emsisoft shows that in 2020 there had been at least 53 ransomware attacks on healthcare providers in the USA, which impacted above 500 hospitals and clinics.

About Christine Garcia 1185 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at https://twitter.com/ChrisCalHIPAA