Share this article on:
Barlow Respiratory Hospital in Los Angeles, CA has announced it has suffered a ransomware attack on August 27, 2021. The attack was conducted by the Vice Society ransomware gang, which gained access to its network and electronic medical record system. Prior to using ransomware to encrypt files, the gang exfiltrated patient data, some of which has been posted on the gang’s dark web data leak site.
Barlow Respiratory Hospital said while the attack affected several IT systems, the hospital was able to continue to operate under its emergency procedures and patient care was not interrupted.
Upon detection of the security breach, law enforcement agencies were notified and a third-party cybersecurity firm was engaged to assist with the investigation and determine the scope of the data breach. The investigation into the attack is ongoing.
While some ransomware operations have said they will not target healthcare providers, Vice Society does not fall into that category. The ransomware operation appeared in June 2021 and has already attacked multiple healthcare providers, including Eskenazi Health in Indianapolis. The ransomware gang is known to exploit new security vulnerabilities, including the Windows PrintNightmare flaws.
“We will continue to work with law enforcement to assist in their investigation, and we are working diligently, with the assistance of a cybersecurity firm, to assess what information may have been involved in the incident,” said a spokesperson for Barlow Respiratory Hospital. “If necessary, we will notify the individuals whose information may have been involved, in accordance with applicable laws and regulations, in due course.”
The breach has been reported to the HHS’ Office for Civil Rights as affecting 9,880 individuals.
Missouri Delta Medical Center Suffers Hive Ransomware Attack
The protected health information of patients of Missouri Delta Medical Center in Sikeston, MO has been stolen in a ransomware attack conducted by the Hive ransomware gang. Earlier this month, a sample of the stolen data was uploaded to the ransomware gang’s data leak site in an effort to pressure the medical center into paying the ransom. The Hive ransomware gang has attacked multiple healthcare providers in the past few weeks, including Memorial Health System.
Missouri Delta Medical Center engaged the services of a leading forensic security firm to investigate the attack and determine the nature and scope of the breach. The medical center was later notified by a third party that some patient data had been stolen and published online. According to the post on the Hive gang’s data leak site, the names, addresses, phone numbers, dates of birth, Social Security numbers, sex/race, next of kin details, diagnoses, and financial information of 95,000 individuals was stolen in the attack. That information was contained in 400 GB of files that were exfiltrated prior to file encryption.
Missouri Delta Medical Center said the attack has not affected its ability to provide care for patients. The investigation into the cyberattack is ongoing but at this stage it appears that its electronic medical record system was not affected.
“We apologize for any inconvenience this incident may have caused, and are taking steps to increase our security and reduce the risk of a similar incident occurring in the future. We remain focused on continuing to serve our community,” said Missouri Delta Medical Center.