Rhysida Hacking Group Strikes More Healthcare Providers
March 10, 2025 – Published on HealthcareInfoSecurity
A Kansas-based medical practice and a Rhode Island-based provider of mental health and addiction counseling and related services are the latest victims in a growing list of healthcare organizations reporting major data breaches by Russian-speaking cybercriminal gang Rhysida.
Those are just two of about 169 victims that Rhysida listed as of Monday on its dark web leak site, including several other healthcare sector entities, such as other mental health and addiction clinics, specialty medical groups such as orthopedic and dental practices, and a nursing home.
“Rhysida, like many ransomware groups, focus on organizations that are both vulnerable and more likely to pay a ransom due to the criticality of their services and the sensitivity of the data involved,” said Jason Baker, managing security consultant of GuidePoint Security.
“Healthcare providers often operate with limited security resources despite possessing high volumes of sensitive patient information. This combination of suboptimal defenses and high-value data makes for attractive targets,” he said. Similarly – other Rhysida victims such as schools and educational institutions – typically have underfunded IT departments, outdated systems and distributed infrastructure that can be difficult to secure, he said.
Read More HERE.