Separating malware facts from fiction

There has been a lot of confusion and misinformation circulating about the NotPetya malware incident that affected Nuance and thousands of other companies on June 27. Read this post where we separate fact from fiction.
By
Satish Maripuri explains the malware incident that affected Nuance

A computer malware program is often called a virus for a reason. Like its biological namesake, malware can spread quickly and cause serious harm.  When it comes to health, people often are afraid of viruses because they don’t understand what they are or how they work.

The same is true for malware. There has been a lot of confusion and misinformation circulating about the NotPetya malware incident that affected Nuance and thousands of other companies on June 27. And, unfortunately, there are some in our industry who may have spread misinformation about the incident, Nuance, and other affected companies, for their own gain.

To set the record straight about the impact of the NotPetya malware on Nuance:

  • No Nuance customer information has been altered, lost or removed by the malware.
  • We have no indication that any file contents on affected Nuance systems have been viewed by unauthorized parties.
  • We have seen no evidence that customer data or PHI files were encrypted in this incident.
  • Nuance has determined that the Incident constitutes a “security incident” for purposes of the HIPAA Security Rule, but does not constitute a breach of unsecured PHI for purposes of the Breach Notification Rule. More details and our working conclusion can be found here.
  • And unlike some malware, patching alone would not have stopped the propagation of NotPetya.

I’m pleased to report that thanks to our knowledgeable and dedicated staff—who have worked with unbelievable intensity and purpose since June 27—we are restoring client functionality quickly and safely and working to continue earning client trust. Our momentum is strong, and we are moving rapidly to complete a recovery process for all affected clients.

At the same time, we are enhancing our security against similar future incidents to ensure we emerge from this incident with a safer and more secure operating environment.

I am gratified that despite some confusion about this malware, our clients have been clear in their support, expressing understanding and loyalty. In fact, many clients have encouraged us to keep going, let us know they’re standing with us, and told us that we’re in this together.

I could not agree more.

Follow us on LinkedIn and Twitter to learn more about the facts.

Satish Maripuri

About Satish Maripuri

Satish Maripuri is the executive vice president and general manager of Nuance’s Healthcare division, overseeing all operational aspects of the business, including innovation strategy, product development, marketing, sales, partnerships, and client relationships across the company’s healthcare solutions portfolio. Under Satish’s leadership, Nuance Healthcare returned to growth from a 4% decline to 9% growth within three years. Satish is passionate about the criticality of purpose-driven culture and leadership to drive business growth. He has more than 28 years of management experience in enterprise software, SaaS solutions, natural language processing (NLP), artificial Intelligence (AI), international operations, global mobile workforces, and cloud services. Prior to joining Nuance in 2012, Satish held several executive leadership positions at global technology companies, including Solera Holdings, Lionbridge Technologies, and Imprivata. Satish holds a B.S. in Mechanical Engineering from Andhra University and M.S. degree in Computer Engineering from Northeastern University.