Ransomware Groups Claim to Have Targeted Health Plans and Healthcare Companies

Partnership Health Plan of California Coming Back from Suspected Ransomware Attack

The non-profit managed care health plan located in Fairfield, CA, Partnership Health Plan of California (PHC), encountered a cyberattack that led to the inaccessibility of its IT systems for more than one week. On March 21, 2022, PHC commenced informing regional healthcare clinics about the interruption of its IT systems, its web page and phone lines and that work was ongoing to bring back its systems. A time frame for when IT systems will possibly be repaired was not given.

PHC failed to say in its announcements what prompted the outage, however it looks like a ransomware attack prompted by the Hive ransomware gang. The Hive ransomware gang owned responsibility for the attack as posted on its clear web and dark sites and stated 400 gigabytes of data had been stolen from PHC systems that involved 850,000 unique records of name, SSNs, addresses, dates of birth, and other data. That statement has since been taken out.

PHC has not stated if ransomware was utilized and the degree to which plan members’ records were impacted. PHC has approximately 618,000 health plan members throughout Northern California. The Hive ransomware group is well-known to attack the healthcare sector, having earlier carried out ransomware attacks on Memorial Health System and Johnson Memorial Health in 2021.

Cancer and Hematology Centers of Western Michigan Experiences Ransomware Attack

Cancer and Hematology Centers of Western Michigan has lately reported that it encountered a ransomware attack in December 2021 that affected a section of its database. The center mentioned it joined with a third-party IT and forensics agency to look into the breach and re-establish its systems.

The breach inquiry didn’t discover information that indicates any patient data was misused, nevertheless, the portions of its systems that the hackers accessed included some patients’ health records and staff members’ Social Security numbers and also bank account data.

Cancer and Hematology Centers of Western Michigan have begun informing impacted people and provided free credit monitoring services. Steps were undertaken to fortify data security operations, such as decommissioning a few servers, having added training to the staff, examining security guidelines and procedures, and partnering with a third-party business to get regular security tracking.

The breach report was filed with the HHS’ Office for Civil Rights as impacting 43,071 persons.

LockBit Ransomware Group Claims To Be Responsible for the Val Verde Regional Medical Center Attack

The LockBit ransomware gang has just shared information on its leak webpage regarding the theft of data at the time of a ransomware attack on Val Verde Regional Medical Center based in Texas.

Lockbit has posted about 400 MB of data on its web page consisting of information of over 96,000 individuals. The files comprise details for instance names, birth dates, marital status, account numbers, patient ID numbers, addresses, email addresses, telephone numbers, employer addresses, guarantor names, referring doctor names, medical insurance data, notes, and other details.

Val Verde Regional Medical Center hasn’t established whether the statement of the Lockbit group is true and the breach is not displayed yet on the HHS’ Office for Civil Rights breach site.