"Ransomware Actors Leak Data From 3 More Healthcare-Related Entities"
The operators of Avaddon, Conti, and REvil ransomware have leaked data from a medical center, health system, IT vendor, and some clients. The REvil ransomware gang posted data allegedly stolen from several clients of the document scanning and management solutions vendor Standley Systems. The REvil hackers claim that the vendor did not respond to their extortion attempts. Impacted clients include Enerquest, WW Steel, the Oklahoma Medical Board, Crawley Petroleum, Ellis Clinic, and Chaparral Energy. The data stolen by the REvil group is said to contain employee passports, licenses, Social Security numbers, medical documents, and other sensitive information. The Conti ransomware group posted some data on the dark web that it claims to have stolen from Rehoboth McKinley Christian Health Care Services in New Mexico, including prescriptions, provider names, scanned patient identifications, diagnoses, and more. Avaddon hackers posted highly sensitive information from the Capital Medical Center in Olympia, Washington, consisting of driver's licenses, lab results, patient procedural documents, patient assessments, and much more. These leaks pose a significant threat to patient privacy. Federal agencies and researchers have observed an increase in these hacking groups' targeted attacks on healthcare-related entities since September 2020. According to research from Coveware, data exfiltration occurs in 70 percent of all ransomware attacks. Hackers are also remaining on victims' networks for longer periods of time to gather as much sensitive data as they can before deploying the final ransomware payload. The National Institute of Standards and Technology (NIST), Office for Civil Rights (OCR), Department of Homeland Security (DHS), FBI, and Microsoft, have provided free ransomware guidance that can help healthcare organizations better detect, mitigate, and respond to ransomware attacks. This article continues to discuss recent leaks of data from healthcare-related entities by Avaddon, Conti, and REvil ransomware actors.
HealthITSecurity reports "Ransomware Actors Leak Data From 3 More Healthcare-Related Entities"