Cardiovascular Consultants in Arizona is not the only U.S. medical entity the ransomware gang known as Qlin has hit. On December 4, Qlin added the Neurology Center of Nevada (NCN) to their leak site. They also provided screenshots as proof of claims. Some of those screenshots revealed personal or protected health information.
In addition to screenshots, Qlin claimed to be leaking a 198.20 GB file with the center’s data. But as we experienced in investigating their listing for Cardiovascular Consultants, the alleged tranche does not download and Qlin does not seem to respond to requests to address their download failures.
DataBreaches could not find any notice on NCN’s website or HHS’s public breach tool.
If confirmed, this might be NCN’s second ransomware attack in about a year. In September 2022, they disclosed that between June 12 and July 17, 2022, there was unauthorized access that resulted in files being locked. On September 15, NCN reported the incident to HHS as impacting 11,700 patients. The type of information involved in that incident included full name, address, date of birth, gender, driver’s license, Social Security number, health insurance information, and medical information, including diagnosis/treatment information, lab results, and medications. When contacted on September 15, 2022, to ask them to confirm or deny whether this was a ransomware attack, they did not reply.
DataBreaches has sent an inquiry to NCN about the currently alleged attack. No reply has been received by publication.
This post will be updated if more information can be obtained.