It is still fairly rare for a ransomware victim to totally shutter its doors permanently as a result of an incident, but a relatively small breach in Georgia was reportedly fatal for Ascension Health Services LLC DBA Alpha Wellness and Alpha Medical Centre.
A notice on its website dated April 4, 2025 reads:
We are deeply saddened to share that Alpha Medical Centre has been the victim of a serious cybersecurity attack. As a result of this criminal act and its devastating impact, we have no choice but to close the practice. Our last day seeing patients will be Friday, April 18.
If you are an existing patient, you will soon receive an email and/or letter with more detailed information. You can also read our full legal announcement.
Thank you for allowing us to serve you and the Alpharetta community for the past 12+ years. We wish you all the best of health moving forward.
Dr. Singh and the Alpha Medical Centre Team
Notice on Alpha Medical Centre’s website dated April 4, 2025 announced it would be closing permanently on April 18, 2025.
The February 3, 2025 incident was reported to HHS on July 8 as affecting 1,714 patients.
A check of darkweb leak sites reveals that the RansomHub gang not only claimed responsibility for the attack, but leaked data on February 18, 2025. A screenshot of the leak, still available, suggests that a lot of protected health information and personally identifiable information was involved, including name, address, phone number, email address, date of birth, health insurance policy and claims information, diagnoses, treatment codes, prescription information, and diagnostic tests results and images,
But it still seems unusual for a breach of this size to result in the total closure of an entity? Didn’t Alpha Medical Centre have any usable backups? Did they have any cyberinsurance to help cover the costs of the breach? Were they already in any financial distress or trouble before this cyberattack?
Another business also folded this year
Cyber Security News reports that a weak password led to the demise of another entity:
A single compromised password brought down KNP Logistics, putting 730 employees out of work and highlighting the devastating impact of cyber attacks on British businesses.
One password is believed to have been all it took for a ransomware gang to destroy a 158-year-old company and put 700 people out of work.
KNP Logistics, a Northamptonshire transport company with roots dating back to 1865, became the latest victim of the Akira ransomware group in June 2024, joining tens of thousands of UK businesses that have fallen prey to such attacks.
The devastating breach began when hackers managed to gain entry to KNP’s computer systems by guessing an employee’s password. Once inside, the Akira gang deployed ransomware that encrypted the company’s essential data and locked down its internal systems, demanding an estimated £5 million ransom.
