Ransomware operators Daixin Team are claiming to have stolen “more than a million records” from a U.S. healthcare organization, and are threatening to leak it all to the public.
It’s unclear whether this means a million affected patients, or a million pieces of sensitive information belonging to fewer patients, but whatever the case, the threat actors stole sensitive data from OakBend Medical Center, which operates three hospitals in the state of Texas, and shut down its communications and IT systems in the process.
The stolen data allegedly includes employee and customer names, dates of birth, Social Security numbers, as well as data regarding patient treatments. More than enough to be used in identity theft, extortion, stage-two data breaches, and more.
But that will only happen if the group decides to go for the “full leak”, which suggests they might be negotiating with the healthcare provider over a potential ransom payment.
OakBend did not say if it plans on paying or not, but it did say it pulled compromised endpoints (opens in new tab) offline and notified law enforcement and government agencies, including the FBI. Microsoft, Dell, and Malware (opens in new tab) Protects, have also been called in to assist. “At no time was patient safety ever in jeopardy,” the company said in a press release following the incident.
Even though some ransomware operators publicly promised not to go after healthcare organizations, non-profits, and similar institutions, some pay no regard to the fact that these attacks might put actual human lives in jeopardy. A similar attack happened in Pennsylvania recently as well, when Medical Associates of the Lehigh Valley had its systems breached, and 75,628 individuals’ names, addresses, Social Security numbers, as well as medical records, compromised.
Hospitals and other healthcare institutions were a major target during the Covid-19 pandemic, as well.
- Check out our list of the best antivirus (opens in new tab) solutions right now
Via: The Register (opens in new tab)