- Two US health firms confirmed to like a cyberattack
- More than 300,000 victims have had sensitive data stolen
- Rhysida assumed responsibility for the attack and added the data to its leakage space
Ransomware operators Rhysida claims responsibility for cyberattacks at two US health organizations.
On its data leakage, they listed Sunflower Medical Group and Community Care Alliance (CCA). The former is a healthcare provider in Kansas City Metropolitan Area that offers services such as primary care, urgent care, pediatrics and more. The latter is a unified human service agency that offers more than 50 programs.
Combined, it seems that more than 300,000 people have had their sensitive data compromised as a result of these attacks.
No abuse yet
In a public announcement published on its website, Sunflower said attackers broke into the systems on December 15, but were spotted and removed only a month later, around 7 January.
During this time, they stole people’s names, addresses, birth dates, social security numbers, driver’s license numbers, medical information and information about health insurance. In an archiving at Maine Attorney General’s Office, Sunflower said 220,968 people were affected.
CCA, on the other hand, was beaten in July last year and claims that Miscreants took people’s names, addresses, birth dates, driver’s license numbers and SSNs as well as diagnoses and conditions, laboratory results, medicine, patient -D numbers, health insurance information, provider names and other data. Its filing at Maine Attorney General’s Office sets the number of people affected on 114,945.
As for Rhysida, Ransomware operators claim to have 7.6 TB worth of Sunflower’s data, including a 3TB SQL database, reports the register. Since the data is still listed on the site, it either means that the negotiations are going on or that they have broken down.
In any case, Rhysida is not yet delicious everything on the dark web, and at the time of the press there was no indication of abuse in nature. Both organizations said they tightened up security after the incident.
Via Registered
