Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
The notorious LockBit ransomware group claims to have breached two major hospitals from upstate New York, the Carthage Area Hospital and Claxton-Hepburn Medical Center. The two hospitals serve hundreds of thousands of patients.
Details on the Attack: The Hospitals Are Struggling
The two hospitals have been suffering greatly as a result of the cyberattack that happened at the end of August in recent weeks. The phone networks were restored on September 2, however, the intrusions damaged various other services. The Carthage and Claxton emergency rooms have been diverted, the patients have been moved to other local hospitals, and the majority of the appointments have been rescheduled as a precaution.
Carthage Area Hospital announced in a press release that all patients with appointments that need to be rescheduled will be contacted. They also added that any patient with urgent health concerns should still call their healthcare provider and that patients with emergency conditions should go to their nearest emergency department.
As the two hospitals are struggling to recover from the cyberattacks, the FBI launched an investigation alongside the New York Department of Health and the Division of Homeland Security.
As reported by SecurityAffairs, the hospitals have now been included to the LockBit ransomware gang’s Tor leak site. If the victims don’t pay the ransom, the gang allegedly plans to disclose the allegedly stolen material by September 19, 2023. So far, no samples of the alleged stolen data have been published by the threat actors.
LockBit Data Publication Announcement (Source)
This is not the first time LockBit targets hospitals. The Centre Hospitalier Sud Francilien (CHSF), a hospital southeast of Paris, was attacked by the gang in August last year. The incident forced the hospital to refer patients to other facilities and hampered the emergency services and procedures. Threat actors, according to local media, demand a $10 million ransom in exchange for the decryption key needed to restore encrypted data.
If you want to keep up to date with everything we post, don’t forget to follow us on LinkedIn, Twitter, Facebook, and Youtube for more cybersecurity news and topics.
Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.
