DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

BlackCat continues attempting to extort healthcare entities

Posted on July 1, 2023 by Dissent

BlackCat has been busy and continues to attack the healthcare sector here and abroad. Visitors to their leak site this week saw listings for:

Coachella Valley Collection Service, a service that provides debt collection services, including “medical, retail, commercial, judgment, and check debt collection.” BlackCat (aka AlphV) claims to have acquired 575 GB of data including employee personal information, internal company documents, clients’ documents with Social Security numbers, loan data and more, and a complete network map including login credentials for local and remote services.

AlphV listing for Coachella Valley Collection Service. Some screencaps were provided as proof of claims. Two of the image files are of now-expired driver’s licenses.Image and redaction by DataBreaches.net.

Kansas Joint & Spine Specialists

BlackCat claims to have downloaded 467 GB of data from this provider’s servers, including employee personal information, internal company documents, clients’ documents with Social Security numbers, loan data and more.

AlphV writes:467 GB data has been downloaded from company file servers, including: - Internal Company Data (Employees personal data, CV's, DL's, ID's, SSN's, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); - Clients documentation (DL's, ID's, SSN's, Financial data, Credit cards information, Loans data, Agreements and much more); - Complete network map including credentials for local and remote services; - And more…
Listing for Kansas Joint & Spine included some screencaps with two driver’s licenses, a passport, a Social Security number, and a named doctor’s personal and professional details in a resume. Image and redaction by DataBreaches.net.

Barts Health NHS Trust

A group of hospitals provide a huge range of clinical services to people in east London and beyond. AlphV’s listing claims to have 7 TB of data of the kind described for the previous two listings. There are six screencaps as proof, each of which is either a photo image such as a driver’s license or passport. There is also a disciplinary record on an employee.

Perhaps their presence on AlphV’s site is reason to hope that more victims in the healthcare sector are refusing to pay extortion demands. Healthcare victims have generally been more likely to pay than victims in other sectors, in great part due to the risk to patient safety and patient care if their ability to function is impacted. But not all attacks on the healthcare sector put patient safety or patient care at imminent risk. A collections firm may be a business associate that maintains patient data on payments and related information, but is that a justification to pay extortion if they are attacked? See Paying the Ransom for a discussion of some tough decisions facing hospitals, but keep in mind that not all entities are hospitals or involved in urgent care.

Related posts:

  • “BlackCat” attempts to up the pressure on Suffolk County; starts to leak data?
Category: Breach Incidents

Post navigation

← Paying the ransom: Hospitals face hard choices in cyberattacks | Special Report
Breach Victims Have Standing When Data Misused, 1st Circuit Says →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.