On July 12, threat actors known as Hunters International added Betances Health Center in New York to their leak site. On July 25, they leaked what they claim is almost 125 GB of information consisting of 361,564 files.
Betances Health Center describes itself as offering a full range of primary care and preventive services, as well as complementary and social services for the entire family, regardless of ability to pay. What happened, though? When? And what has Betances done in response?
Very little is known about this incident so far. Hunters’ site claims that they encrypted Betances’ files and exfiltrated data, but there is nothing on Betances’ site about any cyberattack or data security incident. Perhaps Betances is still investigating the incident, but given that sensitive patient data has already been leaked, they need to say something.
Betances’ web site contact link does not work and there has been no reply to an email sent to them earlier today seeking information on the attack and their response.
Inspection of some of the leaked data reveals very sensitive data has been leaked. Some examples, redacted by DataBreaches, follow:
DataBreaches also noted multi-page reports on individual patients. DataBreaches was able to find some named individuals via Google searches.
Betances appears to be covered by HIPAA, which means that sooner or later, we will likely see this incident on HHS’s public breach tool. As of publication, however, we do not know how many patients have been affected.
There is nothing on Betance’s web site to suggest that the alleged encryption disrupted patient care or services in any way. That said, there is a great deal of sensitive personal and medical information leaked on the dark web and clear net and no indication that the patients have been alerted to this breach.