DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Petersen Health Care allegedly a victim of a cyberattack, but not much is known at this point

Posted on December 13, 2023 by Dissent

On November 21, the Cactus ransomware gang added Petersen Health Care to its leak site. The listing has been updated since then. As proof of claims, Cactus leaked several screenshots of identity documents like passports. They did not indicate whether these were employee documents or patient-related documents, although it would be more likely if they were employee-related. There were no files that were marked as patient or medical records, and Cactus did not state whether they encrypted files or systems.

Petersen Health Care provides a variety of settings and types of services, including independent living, memory care, rehabilitation services, skilled nursing, supportive living facilities, and assisted living facilities. They have locations in Illinois, Missouri, and Iowa.

DataBreaches reached out to Petersen Health Care via their website contact form on December 10. They did not reply. DataBreaches sent a second inquiry on December 12 asking if they would confirm the claimed attack, whether files were locked, whether patient data was exfiltrated, and whether patient care was affected at all. Once again, there was no reply.

DataBreaches also reached out to Cactus on December 10 to ask how much data they exfiltrated and whether it included patient data. They read the inquiry but did not reply.

Given their lack of clear proof of claims concerning protected health information, it’s not yet clear whether they got any patient data at all. If they decide to respond to the inquiry or update their leak site, this post may be updated.

There is no notice of any kind on Petersen’s website at publication, and because Cactus did not indicate a date of attack nor whether they got any patient data, Petersen may still be within a 60-day window for reporting to HHS and patients.

DataBreaches will continue to monitor this incident and will post updates if more information becomes available.

Related posts:

  • “Without Undue Delay,” Part 2
  • U.S. medical entities fall prey to Pysa threat actors, but many haven’t disclosed it – at least, not yet.
Category: Breach IncidentsHealth DataU.S.

Post navigation

← MoD fined £350k over data breach that endangered lives of Afghan interpreters
Covenant Care patient and employee data being leaked by ransomware group →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit
  • British national “IntelBroker” charged with causing $25 million in damages; U.S. seeks his extradition from France
  • France issues press statement about arrest of ShinyHunters members

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions
  • NY Attorney General James Affirms Hospitals Must Provide Access to Emergency Abortion Care

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.