Separating malware facts from fiction

There has been a lot of confusion and misinformation circulating about the NotPetya malware incident that affected Nuance and thousands of other companies on June 27. Read this post where we separate fact from fiction.
Satish Maripuri explains the malware incident that affected Nuance

A computer malware program is often called a virus for a reason. Like its biological namesake, malware can spread quickly and cause serious harm.  When it comes to health, people often are afraid of viruses because they don’t understand what they are or how they work.

The same is true for malware. There has been a lot of confusion and misinformation circulating about the NotPetya malware incident that affected Nuance and thousands of other companies on June 27. And, unfortunately, there are some in our industry who may have spread misinformation about the incident, Nuance, and other affected companies, for their own gain.

To set the record straight about the impact of the NotPetya malware on Nuance:

  • No Nuance customer information has been altered, lost or removed by the malware.
  • We have no indication that any file contents on affected Nuance systems have been viewed by unauthorized parties.
  • We have seen no evidence that customer data or PHI files were encrypted in this incident.
  • Nuance has determined that the Incident constitutes a “security incident” for purposes of the HIPAA Security Rule, but does not constitute a breach of unsecured PHI for purposes of the Breach Notification Rule. More details and our working conclusion can be found here.
  • And unlike some malware, patching alone would not have stopped the propagation of NotPetya.

I’m pleased to report that thanks to our knowledgeable and dedicated staff—who have worked with unbelievable intensity and purpose since June 27—we are restoring client functionality quickly and safely and working to continue earning client trust. Our momentum is strong, and we are moving rapidly to complete a recovery process for all affected clients.

At the same time, we are enhancing our security against similar future incidents to ensure we emerge from this incident with a safer and more secure operating environment.

I am gratified that despite some confusion about this malware, our clients have been clear in their support, expressing understanding and loyalty. In fact, many clients have encouraged us to keep going, let us know they’re standing with us, and told us that we’re in this together.

I could not agree more.

Follow us on LinkedIn and Twitter to learn more about the facts.

Satish Maripuri

About Satish Maripuri

Satish Maripuri is the executive vice president and general manager of Nuance Healthcare where he oversees the growth and success of the Healthcare division using his passion and strong leadership to drive impactful go-to-market strategies, global channels and operational performance that support client success. Satish joined the company in 2012 as the senior vice president and chief operating officer where he led all aspects of client delivery and operations and grew the division to nearly $1B over four years. Satish has had a distinguished career spanning 30 years at global organizations, including Solera Holdings, Lionbridge, Imprivata, Computervision and Schlumberger Technologies. Satish earned an M.S. in Computer Engineering from Northeastern University and a B.S. in Mechanical Engineering from Andhra University.