Yesterday, news broke that Memorial Health system in Ohio had been hit with a ransomware attack and that surgeries were being delayed. Today Ionut Ilascu reports more details, including that the attack appears to involve the Hive ransomware threat actors:
BleepingComputer has seen evidence that the attackers have stolen databases with information belonging to 200,000 patients, which includes sensitive details, such as social security numbers, names, and dates of birth.
The perpetrator is allegedly the Hive ransomware gang, which emerged in late June, discovered by dnwls0719. Despite the short time of activity, the group already claimed multiple victims.
Read more on BleepingComputer.
One of the victims on Hive’s site which was subsequently removed was a listing for Greenway Health. DataBreaches.net reported on that claim and how Greenway told DataBreaches.net that this was not an attack on their server(s) but on a former client who they would not name. That listing was removed for a while but has been re-added to Hive’s leak site. Have they been trying to extort the wrong entity? In any event, it showed that Hive has no compunction about targeting the healthcare sector and the attack on Memorial Health just confirms that.