Home
The Aesthetic Society logo
Home
Patient Safety

Important Cybersecurity Alert

Dear Aesthetic Society Members,

Global IT systems are still recovering after an update from CrowdStrike, a major Endpoint Detection and Response (EDR) software provider, caused a massive worldwide outage of Windows computers. Countless businesses and organizations were affected, including airlines, hospitals, banks, and telecommunications companies.

What Happened?

On Friday, July 19th, an automatic update issued by CrowdStrike disrupted the operation of Microsoft Windows systems. This update affected millions of computers globally, halting many business functions. Although initially suspected to be a cyberattack, no ransom demands or threats to expose Personally Identifiable Information (PII) or Protected Health Information (PHI) followed the incident, suggesting it was not a direct cyberattack.

Why Is This Important for You?

This incident highlights the potential impact of cybersecurity vulnerabilities and the importance of robust protection measures. As healthcare practitioners, we must be vigilant to safeguard our systems and patient data against threats.

Recommendations:

  • Hire a Managed Service Provider (MSP): If you do not currently have an MSP, we strongly recommend hiring one to manage and protect your IT infrastructure.
  • Cyber Insurance: Ensure you have a dedicated cyber insurance policy with at least $1 million in coverage. An MSP can assist in completing the necessary application process for obtaining cyber insurance.
  • Staff Training: Implement regular cybersecurity training for your staff using systems like KnowBe4 to help them recognize and avoid potential threats.
  • Data Management: Avoid storing personal or sensitive information on business systems to prevent unauthorized access and exposure.
  • Webinars: We encourage you to view our cyber security webinars, which provide valuable information on protecting your practice.

Dr. Mark D. Epstein, who has led our cyber security webinars, is an invaluable resource and is available for any questions or guidance. You are welcome to contact him directly at [email protected]

Thank you for your attention to this critical matter.