Capital Health attack claimed by LockBit ransomware, risk of data leak

The LockBit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow.
Capital Health is a primary healthcare service provider in New Jersey and parts of Pennsylvania, operating two major hospitals and several satellite and specialty clinics.
Last November, the organization experienced an IT systems outage following a cyberattack on its network, warning that the incident would impact its operations for at least a week.
A security incident notification on the Capital Health website informs that all systems have been restored and operations have returned to normal, while additional security measures have been implemented to prevent similar incidents from re-occurring.
Capital Health's latest updates indicate they are still investigating whether data was stolen in the cyberattack.
The LockBit ransomware gang has now claimed responsibility for the attack on Capital Health by listing the healthcare company on its data leak extortion portal yesterday.
The cybercriminals allege to have stolen seven terabytes of sensitive medical data they threaten to leak tomorrow if the organization fails to meet their ransom payment demands.
LockBit has an affiliate rule that states their affiliates will not encrypt files on hospital networks but allow them to steal data for extortion.
While this policy has been broken numerous times by the operation's affiliates, in the attack on Capital Health, the LockBit operation says they purposely avoided encrypting the organization's files and instead only stole data.
Most ransomware groups tend to have strict policies regarding healthcare service providers, advising their affiliates not to perform such assaults for ethical reasons and banning them if they deviate from that instruction.
The LockBit operation has repeatedly targeted healthcare networks, including the SickKids children's cancer hospital, the Katholische Hospitalvereinigung Ostwestfalen in Germany, and the Carthage Area Hospital and Claxton-Hepburn Medical Center in upstate New York.
Encryption-less ransomware attacks can still lead to system outages as part of the victim's response action, catastrophic data breaches for many people who received care in the targeted hospitals, and significant financial losses for already underfunded or economically stressed institutions.
Recent examples of high-impact ransomware attacks in the healthcare sector are abundant, including other victims, such as Ardent Health Services, Integris Health, ESO Solutions, and the Fred Hutchinson Cancer Center.
Lockbit ransomware disrupts emergency care at German hospitals.
Ransomware gang behind threats to Fred Hutch cancer patients.
Healthcare software provider data breach impacts 2.7 million.
Norton Healthcare discloses data breach after May ransomware attack.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Mon, 08 Jan 2024 16:00:14 +0000


Cyber News related to Capital Health attack claimed by LockBit ransomware, risk of data leak

Capital Health attack claimed by LockBit ransomware, risk of data leak - The LockBit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. Capital Health is a primary healthcare service ...
10 months ago Bleepingcomputer.com
U.S. Joins U.K. to Seize LockBit Site, Disrupt Massive Ransomware Variant - The U.S. Department of Justice has partnered with the United Kingdom and international law enforcement partners in London today to announce the disruption of the LockBit ransomware group. The LockBit ransomware group is one of the most active ...
9 months ago Americansecuritytoday.com
Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit - For all its vaunted success, the LockBit ransomware operation appears to have already been beset by problems when an international law enforcement effort led by the UK's National Crime Agency shut it down this week. Though it's likely that the dozens ...
8 months ago Darkreading.com
Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates - U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ...
9 months ago Krebsonsecurity.com
The Week in Ransomware - Attacks on hospitals continued this week, with ransomware operations disrupting patient care as they force organization to respond to cyberattacks. While many, like LockBit, claim to have policies in place to avoid encryping hospitals, we continue to ...
9 months ago Bleepingcomputer.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com
Ransomware Gang Claims Attack on Capital Health - The LockBit ransomware gang over the weekend claimed responsibility for a November 2023 cyberattack on hospital system Capital Health. In December, Capital Health announced that it fell victim to a cyberattack that resulted in network outages, and ...
10 months ago Securityweek.com
The Technology That's Remaking OU Health into a Top-Tier Medical Center - This, along with our desire to replace our electronic health record and revenue cycle system, contributed to OU Health's decision to completely overhaul our IT infrastructure in support of our long-term organizational needs. OU Health strives to ...
11 months ago Feedpress.me
LockBit Ransomware Targets German Energy Agency Dena - Dena, the reputed German Energy Agency, is said to have fallen victim to the notorious LockBit ransomware group. The Dena cyberattack was revealed through a post on the threat actor's dark web platform, where they disclose data breach incidents and ...
11 months ago Heimdalsecurity.com
Randolph Health Announces Data Breach Stemming from Breached Employee Email Account - On April 10, 2024, American Healthcare Systems LLC d/b/a Randolph Health filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party accessed a Randolph ...
7 months ago Jdsupra.com
Police arrest four suspects linked to LockBit ransomware gang - Previous arrests of Lockbit ransomware actors (some of them already charged for various offenses) include Mikhail Pavlovich Matveev (aka Wazawaka) in May 2023, Artur Sungatov and Ivan Gennadievich Kondratiev (aka Bassterlord) in February 2024, and ...
1 month ago Bleepingcomputer.com
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
10 months ago Bleepingcomputer.com
Capital Health Hospitals hit by cyberattack causing IT outages - Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a cyberattack hit the non-profit organization's network earlier this week. The healthcare system manages two hospitals, an outpatient facility in ...
11 months ago Bleepingcomputer.com
ProvenRun Secures €15M Series A to Accelerate its Growth - This investment is led by Tikehau Capital, the global alternative asset manager, through its new vintage of Brienne, its flagship private equity cybersecurity strategy with the French Ministry of Defence's Definvest fund, managed by Bpifrance. ...
11 months ago Darkreading.com
LockBit Ransomware Gang's Website Shut Down - The U.K. National Crime Agency's Cyber Division, the FBI and international partners have cut off ransomware threat actors' access to LockBit's website, which has been used as a large ransomware-as-a-service storefront. According to CISA, LockBit was ...
9 months ago Techrepublic.com
LockBit claim about hacking U.S. Federal Reserve fizzles - The LockBit ransomware gang claimed it had breached the U.S. Federal Reserve, but it ultimately leaked data belonging to a single bank. On June 23, LockBit listed the U.S. Federal Reserve on its data leak site and claimed to have obtained roughly 33 ...
4 months ago Techtarget.com
LockBit attacks continue via ConnectWise ScreenConnect flaws - Exploitation of two critical ConnectWise vulnerabilities continues to mount, with many attacks attributed to ransomware gangs such as LockBit. Last month, ConnectWise disclosed an authentication bypass vulnerability, tracked as CVE-2024-1708, that ...
8 months ago Techtarget.com
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
1 year ago Heimdalsecurity.com
The Week in Ransomware - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. That does not mean there was nothing of interest released this week about ransomware. A report by CISA said that the ...
6 months ago Bleepingcomputer.com
What is Lockbit Ransomware? The Most Essential Things You Need to Know - Lockbit ransomware is one of the latest malware threats to hit the cybersecurity world. It has been seen in several major ransomware attacks, including the attack on the software maker Nuance Communications. Lockbit is a particularly dangerous strain ...
1 year ago Tripwire.com
Tri-City Medical Center in Oceanside hit by cybersecurity attack - Tri-City Medical Center is diverting ambulance traffic to other hospitals Thursday as it copes with a cybersecurity attack that has forced it to declare "An internal disaster" as workers scramble to contain the damage and protect patient records. The ...
11 months ago Sandiegouniontribune.com
LockBit targets hospitals - We did not see much research released on ransomware this week, with most of the news focusing on new attacks and LockBit affiliates increasingly targeting hospitals. These attacks include ones against Yakult Australia and the Ohio Lottery by the new ...
10 months ago Bleepingcomputer.com
LockBit lied: Stolen data is from a bank, not US Federal Reserve - Recently-disrupted LockBit ransomware group, in what appears to be a desperate attempt to make a comeback, claimed this week that it had hit US Federal Reserve, the central bank of the United States. The tall claim was followed up with LockBit ...
4 months ago Bleepingcomputer.com
Law enforcement trolls LockBit, reveals massive takedown - In an act of exquisite trolling, the UK's National Crime Agency has announced further details about its disruption of the LockBit ransomware group by using the group's own dark web website. Since the demise of Conti in 2022, LockBit has been ...
9 months ago Malwarebytes.com
Copycat Criminals mimicking Lockbit gang in northern Europe - Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. During the past months, the Lockbit gang reached very high popularity in the underground ecosystem. The ...
1 year ago Securityaffairs.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)