Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Nearly 270,000 patients of the Lake Charles Memorial Health System (LCMHS) are being notified of a data breach that may have exposed their personal information.
An announcement on the LCMHS site reveals that the event occurred on October 21, 2022, when the security staff noticed suspicious behavior on the network.
On October 25, 2022, after an internal investigation, it was discovered that hackers had broken into LCMHS’s network and stolen sensitive files, that contain data such as:
- Full names
- Physical addresses
- Dates of birth
- Medical records
- Patient identification numbers
- Health insurance information
- Payment information
- Limited clinical information regarding the received care
- Social Security numbers (in some cases)
The LCMHS notice clarifies that the network attackers were unable to access its electronic medical records.
Beginning December 23, 2022, we are mailing letters to patients whose information may have been involved in this incident. (…) We are offering individuals whose Social Security number may have been included with complimentary credit monitoring and identity theft protection services. Patients are encouraged to review statements from their health insurer and healthcare providers, and to contact them immediately if they see any services they did not receive.
The event was reported by LCMHS to the secretary of the U.S. Department of Health and Human Services (HHS). As of present, 269,752 people have been affected, according to the portal for healthcare-related breaches.
Hive Ransomware, Behind the Attack
On November 15, 2022, the Hive ransomware group added LCMHS to its list of data leaks, which usually happens after unsuccessful attempts to negotiate a ransom payment. As Bleeping Computer explains, the hackers claim that the encryption happened on October 25, 2022, four days after LCMHS announced the incident.
Hive Ransomware’s Data Breach Announcement
Hive has also made public the files that were allegedly stolen after breaking into LCMHS systems. Bills of materials, cards, contracts, medical information, papers, medical records, scans, residents, and other documents are among the files listed.
Lake Charles Memorial Health System is the region’s largest not-for-profit community healthcare system, with a 314-bed hospital, a 54-bed women’s hospital, a 42-bed behavioral health facility, and a primary care clinic for uninsured patients.
According to the FBI, Hive Ransomware has affected over 1,300 companies globally as of November 2022, collecting roughly US$100 million in ransom payments. In 2022, the German multinational chain of consumer electronics stores Media Markt, Bell Technical Solutions and the New York Racing Association (NYRA) were among its victims.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
