The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records.
The attack is believed to have occurred on August 3rd, with employees finding ransom notes on their screens stating that their network was hacked and devices encrypted.
Prospect Medical Holdings (PMH) is a US healthcare company operating 16 hospitals in California, Connecticut, Pennsylvania, and Rhode Island and a network of 166 outpatient clinics and centers.
The cyberattack caused the hospitals to shut down their IT networks to prevent the attack’s spread, forcing them to return to using paper charts.
While PMH did not respond to queries about the security incident, BleepingComputer later learned that the Rhysida ransomware gang was behind the attack.
Since then, PMH hospital networks, such as CharterCare, now state that systems are up and running again but are still restoring patient records.
“Work to input paper patient records used by our caregivers while our systems were down into our electronic medical record (EMR) system is ongoing,” reads a notice on CharterCare.org.
However, BleepingComputer was told there had been no communication to employees about whether their data was stolen in the attack.
Rhysida claims attack
Rhysida is a ransomware operation that launched in May 2023 and quickly rose to notoriety after attacking the Chilean Army (Ejército de Chile) and leaking its data.
Earlier this month, the US Department of Health and Human Services (HHS) warned that the Rhysida gang was behind recent attacks on healthcare organizations.
Now, the Rhysida ransomware gang has claimed the attack on Prospect Medical Holdings, threatening to sell the company’s allegedly stolen data for 50 Bitcoins (worth $1.3 million).
The threat actors claim that they stole 1 TB of documents and a 1.3 TB SQL database containing 500,000 social security numbers, passports, driver’s licenses, corporate documents, and patient medical records.
“They kindly provided: more than 500000 SSN, passports of their clients and employees, driver’s licenses, patient files (profile, medical history), financial and legal documents!!!,” reads the Rhysida data leak site.
The gang’s data leak site also shared numerous screenshots of driver’s licenses, social security cards, documents, and what appears to be patients’ medical information.
Some screenshots showed leaked documents containing letterhead for Eastern Connecticut Health Network, one of PMH’s hospital networks.
BleepingComputer has contacted PMH with questions about the leaked data but has not received a response at this time.