DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Special Health Resources’ “technical difficulties” are due to a ransomware attack

Posted on June 10, 2024 by Dissent

Although some threat groups or affiliates have sworn off attacking the medical sector with ransomware, not all have. On Sunday evening, June 2, Special Health Resources (“SHR”) posted a notice on their Facebook account:

We are currently experiencing technical difficulties and on Monday, our health centers will only see patients who are actively sick. All other routine and non-urgent appointments will be rescheduled.

We apologize for any inconvenience.

As of publication, alerts on their website indicate that the “technical difficulties” have not been resolved:

We are currently experiencing technical difficulties that have caused a temporary disruption to our systems. We apologize for the inconvenience. Resolving this issue is our top priority. Most clinics are open and are able to see established patients as walk-in visits, including prescription refills. Dental services are temporarily unavailable. If you are unable to reach us via phone, you can also communicate via Facebook messenger on your health center's Facebook page. We are working on alternative ways to communicate. Please follow us on social media or check our website for the most up-to-date information. We appreciate your patience and understanding. We are still here to help you as best we can.

We are currently experiencing technical difficulties that have caused a temporary disruption to our systems. We apologize for the inconvenience. Resolving this issue is our top priority.

Most clinics are open and are able to see established patients as walk-in visits, including prescription refills. Dental services are temporarily unavailable. If you are unable to reach us via phone, you can also communicate via Facebook messenger on your health center’s Facebook page. We are working on alternative ways to communicate.

Some clinics more impacted than others

SHR has multiple locations in East Texas and Southwest Arkansas. A notice on their site described the status of different clinics:

Jacksonville Care Clinic is temporarily closed due to technical difficulties and are not seeing patients at this time.

Tyler Care Clinic – Troup Hwy. (behavioral health patients only), Tyler Care Clinic- Midtown, Jim Meyer Comprehensive Health Center, Pediatric Clinic of Paris, Paris Care Clinic and Texarkana Care Clinic – 6th St. are currently only seeing established patients as walk-in visits. Woman & Child Health Center of Longview is also seeing established patients as walk-in visits until 2 p.m. Dental services are not available.

The above schedule is in place for Monday, June 10.

We apologize for any inconvenience. Staff will contact patients to reschedule appointments.

The “technical difficulties” are from ransomware

On June 8, DataBreaches learned that SHR had been attacked by BlackSuit.  A spokesperson for the ransomware gang provided this site with a link to a non-public message on their leak site that indicated that they had not heard from SHR in response to the attack.

“It is up to you of course whether to negotiate or not, but our experience says that remaining silent is the worst option for you,” they wrote to SHR.

BlackSuit also provided this site with a file tree showing the directory and files they claim to have acquired. The file tree consisted of 18,829 directories with 253,671 files. Some of the files appeared to be internal company files, including files with some employee data. Other files, including .dcm files, likely contain protected health information of patients. Without the actual files, DataBreaches could not attempt to validate or verify the authenticity of any claims, but a Google search of what appeared to be patient names did find people with those names in locations where SHR has clinics. That in combination with SHR’s website status and file tree provide some support for BlackSuit’s claims.

Has SHR made any recovery progress?

As of publication, SHR does not seem to have established alternative ways to communicate. Attempts to reach SHR administration by phone on Saturday and every day since then have only reached after-hours nursing care to leave messages. Attempts to email executives continue to bounce back as “user unknown” every day. Their Facebook account has not updated their operational status since their June 2 post.

SHR’s alert today about which clinics are open is almost the same as last week when DataBreaches first checked their site except that Texarkana Care Clinic – 6th St. was listed as closed last week and is now listed as open, but only to seeing established patients as walk-ins.

SHR does not provide an estimate of when normal services will be restored or when they will be able to see new patients. Do they even have access to all of their established patients’ medical and billing records? Without being able to reach them to inquire, it is impossible to know for sure.

As of publication, BlackSuit’s countdown clock for SHR has run down. A spokesperson for the group informs DataBreaches that SHR will be added to their leak site tomorrow.

 

Category: Health DataMalwareU.S.

Post navigation

← Federal criminal investigation involving Perry Johnson & Associates data breach
Snowflake to Close Hacking Probe Into Attack Targeting Clients →

1 thought on “Special Health Resources’ “technical difficulties” are due to a ransomware attack”

  1. Manish pareek says:
    June 12, 2024 at 4:58 pm

    A ransomware attack is very heart touching movement for a website owner

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Western intelligence agencies unite to expose Russian hacking campaign against logistics and tech firms
  • Disrupting Lumma Stealer: Microsoft leads global action against favored cybercrime tool
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach
  • Hacker who breached communications app used by Trump aide stole data from across US government
  • Massachusetts hacker to plead guilty to PowerSchool data breach (1)
  • Cyberattack brings down Kettering Health phone lines, MyChart patient portal access (1)
  • Gujarat ATS arrests 18-year-old for cyberattacks during Operation Sindoor
  • Hackers Nab 15 Years of UK Legal Aid Applicant Data
  • Supplier to major UK supermarkets Aldi, Tesco & Sainsbury’s hit by cyber attack with ransom demand

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras
  • Cocospy stalkerware apps go offline after data breach
  • Drugmaker Regeneron to acquire 23andMe out of bankruptcy
  • Massachusetts Senate Committee Approves Robust Comprehensive Privacy Law

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.