Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice was unable to obtain any statements or responses from either PruittHealth or the threat actors, but notes that the threat actors claim to have attacked Pruitt on November 13 and to have reached out to Pruitt by both email and phone calls. A post on their leak site contains this warning:
Please know that we are watching you and the fact that you have begun large-scale work to respond to incidents and reset your domain passwords, it will not help you. You have only one chance to resolve this situation is to contact us.
Assign a peson to the postition of negotiator, and tell him to contact us, we will explain evrithing and help you solve this problem.
Time is running out.
Read more at SuspectFile.
DataBreaches notes that NoEscape’s listing currently indicates that they have also hit PruittHealth with a DDoS attack and that Pruitt has three days left before NoEscape starts leaking data.
DataBreaches submitted an inquiry to NoEscape asking them which of PruittHealth’s services they had compromised, and whether they had encrypted files or just exfiltrated files.
There is no notice on PruittHealth’s website about any disruptions or interruption in any services. DataBreaches has submitted an inquiry asking them the same questions and whether patient care has been impacted in any way.
No replies from PruittHealth or NoEscape have been received by publication. This post will be updated if or when replies are received.
PruittHealth was previously known as UHS-Pruitt. Under that name, DataBreaches had reported on some data security breaches in 2013-2014. Although not reported on DataBreaches at the time, PruittHealth Hospice in South Carolina reported an office burglary in April 2016 that affected 1,437 patients.