BlackCat has been busy and continues to attack the healthcare sector here and abroad. Visitors to their leak site this week saw listings for:
Coachella Valley Collection Service, a service that provides debt collection services, including “medical, retail, commercial, judgment, and check debt collection.” BlackCat (aka AlphV) claims to have acquired 575 GB of data including employee personal information, internal company documents, clients’ documents with Social Security numbers, loan data and more, and a complete network map including login credentials for local and remote services.
Kansas Joint & Spine Specialists
BlackCat claims to have downloaded 467 GB of data from this provider’s servers, including employee personal information, internal company documents, clients’ documents with Social Security numbers, loan data and more.
Barts Health NHS Trust
A group of hospitals provide a huge range of clinical services to people in east London and beyond. AlphV’s listing claims to have 7 TB of data of the kind described for the previous two listings. There are six screencaps as proof, each of which is either a photo image such as a driver’s license or passport. There is also a disciplinary record on an employee.
Perhaps their presence on AlphV’s site is reason to hope that more victims in the healthcare sector are refusing to pay extortion demands. Healthcare victims have generally been more likely to pay than victims in other sectors, in great part due to the risk to patient safety and patient care if their ability to function is impacted. But not all attacks on the healthcare sector put patient safety or patient care at imminent risk. A collections firm may be a business associate that maintains patient data on payments and related information, but is that a justification to pay extortion if they are attacked? See Paying the Ransom for a discussion of some tough decisions facing hospitals, but keep in mind that not all entities are hospitals or involved in urgent care.