Well that didn’t take long. In a recent article I made the case that newer variations of ransomware could result in a reportable HIPAA breach. I argued that if ransomware not only encrypted the victim’s files but also copied the files off of a computer or allowed access to the files, then the result could be a reportable breach.
A relatively new variation of ransomware called CryptXXX has been identified. Like older variations, the malware encrypts a victims files and demands a ransom to release the files. The ransom averages about $500.