Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents.
Norton Healthcare serves adult and pediatric patients in more than 40 clinics and hospitals across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky.
With over 20,000 employees, more than 1,750 employed medical providers, and over 3,000 total providers on its medical staff, Norton Healthcare is Louisville's second-largest employer, with more than 140 locations throughout Greater Louisville and Southern Indiana.
The attackers gained access to a wide range of sensitive information, including name, contact information, Social Security Number, date of birth, health information, insurance information, and medical identification numbers.
Norton Healthcare says that, for some individuals, the exposed data may have also included financial account numbers, driver's licenses or other government ID numbers, and digital signatures.
Potentially affected individuals will receive two years of free credit protection services and additional information in breach notification letters.
While Norton Healthcare didn't link the attack to a specific ransomware operation, the attack was claimed in late May by the ALPHV gang.
The attackers claimed in an entry added to their dark web leak site that they allegedly stole 4.7TB of data from the healthcare system's compromised systems, as DataBreaches reported.
The ransomware gang also leaked dozens of files as proof of the breach and data exfiltration, containing some Norton Healthcare patients' Social Security numbers, bank statements, and more.
BleepingComputer reported today that an ongoing outage affecting ALPHV's websites could be connected to a law enforcement operation.
Norton Healthcare is just one of a long string of healthcare organizations in the United States that have fallen victim to ransomware.
Healthcare provider Ardent Health Services, which operates 30 hospitals across six U.S. states, also disclosed last month that it was hit by a ransomware attack.
Since last year, the U.S. government has issued multiple cautionary advisories regarding ransomware attacks targeting healthcare institutions nationwide.
One such advisory came from the security team at the U.S. Department of Health and Human Services about ransomware operations like Royal, Venus, Maui, and Zeppelin targeting Healthcare and Public Health organizations.
In October 2022, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and the HHS notified hospitals about the Daixin Team cybercrime gang's active targeting of healthcare facilities in ransomware attacks.
McLaren Health Care says data breach impacted 2.2 million people.
ALPHV ransomware gang claims attack on Florida circuit court.
ALPHV ransomware site outage rumored to be caused by law enforcement.
HTC Global Services confirms cyberattack after data leaked online.
Tipalti investigates claims of data stolen in ransomware attack.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 08 Dec 2023 23:30:07 +0000