Vendor Ransomware Breach Affects 942,000 Patients

August 17, 2022 – Published on GovInfoSecurity

A New York-based practice management and billing vendor has notified 28 healthcare entity clients and more than 942,000 of their patients that sensitive information was compromised in a ransomware attack in April.

A ransomware breach recently reported to federal regulators by Practice Resources LLC is among the latest fallout in an assortment of similar cyberattacks affecting healthcare sector entities.

Other recent ransomware-related revelations involve healthcare sector organizations…

Threat analyst Nic Finn of security firm GuidePoint Security says while many threat groups prohibit service-disabling attacks against healthcare organizations, others have begun to promote these attacks, including data encryption and deletion.

“Hive is one such ransomware group that has no restrictions against encrypting data throughout a healthcare organization to pressure the victim to pay the ransom immediately,” he says.

Hive, which was the subject of a recent federal advisory to the healthcare sector, has been implicated in several major attacks on healthcare sector entities, including Indiana-based Goodman Campbell Brain and Spine, which recently began notifying nearly 363,000 individuals of a ransomware incident affecting their PHI.

Because healthcare has steadily become a massive portion of most countries’ economies, attackers know they can demand “sizable ransoms from victims along with publicity as a result of their attacks and publications on leak sites,” Finn says.

“We’ve seen groups like Lapsus$ focus efforts against large organizations and governments because they think it will give them notoriety and reverence among the black hat community,” he says. “It is likely that as groups like Lapsus$, LockBit and Hive set paths forward, other ransomware groups are likely to follow.”

Read More HERE.