The NoEscape ransomware gang claims to have attacked two more medical entities.
The first one is Southeastern Orthopaedic Specialists, P.A. in North Carolina.
According to the threat actors, the network was locked on October 25, and 3 GB of files were exfiltrated.
From the expanded listing (not shown here), it also appears that Southeastern Orthopaedic Specialists has not responded to their demands at all. As a result, NoEscape has apparently hit them with a DDoS attack.
Attempts to connect to the medical group’s site earlier today failed with a timed out message. An attempt at publication time was able to connect but the site did not load quickly or even completely at first.
DataBreaches sent an email inquiry to the group about NoEscape’s claims, but no reply has been received as yet.
The second entity added to the leak site today was Carespring.
Carespring provides skilled nursing, memory care, rehabilitation, and independent or assisted living options throughout Cincinnati, Dayton, and Northern Kentucky.
According to NoEscape, they locked Carespring’s files on November 10 and exfiltrated 364 GB of files that allegedly include personal data of employees and patients, medical records, internal and financial documents.
As with the other entity, it appears Carespring has not responded to NoEscape at all, leading NoEscape to threaten:
We advise you not to bring the situation to a critical level and contact us soon is possiple. If you guys continue to remain silent, we will begin to deal new blows to your network, and a data leak will entail lawsuits, proceedings, compensation payments and multimillion-dollar losses, we think you have already become familiar with the file tree, so you should understand what kind of data we have 🙂
If you do not contact us before the end of the timer, we will begin partial publication of the data.
We are your last chance to get out of this situation with minimal losses.
Time is running out.
DataBreaches notes again that neither entity has confirmed any breach at this point and NoEscape has not posted any actual proof of claims. DataBreaches will continue to monitor for developments and will update if more information becomes available.