Kentucky well being system Norton Healthcare has confirmed {that a} ransomware assault in Could uncovered private data belonging to sufferers, workers, and dependents.
Norton Healthcare serves grownup and pediatric sufferers in additional than 40 clinics and hospitals throughout Better Louisville, Southern Indiana, and the Commonwealth of Kentucky.
With over 20,000 workers, greater than 1,750 employed medical suppliers, and over 3,000 whole suppliers on its medical employees, Norton Healthcare is Louisville’s second-largest employer, with greater than 140 areas all through Better Louisville and Southern Indiana.
“On Could 9, 2023, Norton Healthcare found that it was experiencing a cybersecurity incident, later decided to be a ransomware assault,” it stated in a press launch revealed on Friday.
“Norton Healthcare notified federal legislation enforcement and instantly started working with a revered forensic safety supplier to research and terminate the unauthorized entry.
“Our investigation decided that an unauthorized particular person(s) gained entry to sure community storage units between Could 7, 2023, and Could 9, 2023, however didn’t entry Norton Healthcare’s medical report system or Norton MyChart.”
The attackers gained entry to a variety of delicate data, together with identify, contact data, Social Safety Quantity, date of beginning, well being data, insurance coverage data, and medical identification numbers.
Norton Healthcare says that, for some people (doubtless workers), the uncovered knowledge might have additionally included monetary account numbers, driver’s licenses or different authorities ID numbers, and digital signatures.
Probably affected people will obtain two years of free credit score safety providers and extra data in breach notification letters.
Ransomware assault claimed by BlackCat/ALPHV
Whereas Norton Healthcare did not hyperlink the assault to a particular ransomware operation, the assault was claimed in late Could by the ALPHV (BlackCat) gang.
The attackers claimed in an entry added to their darkish internet leak website that they allegedly stole 4.7TB of information from the healthcare system’s compromised techniques, as DataBreaches reported.
The ransomware gang additionally leaked dozens of recordsdata as proof of the breach and knowledge exfiltration, containing some Norton Healthcare sufferers’ Social Safety numbers, financial institution statements, and extra.
BleepingComputer reported right now that an ongoing outage affecting ALPHV’s web sites may very well be linked to a legislation enforcement operation.
Norton Healthcare is only one of a protracted string of healthcare organizations in the USA which have fallen sufferer to ransomware.
As an illustration, healthcare supplier Ardent Well being Providers, which operates 30 hospitals throughout six U.S. states, additionally disclosed final month that it was hit by a ransomware assault.
Since final 12 months, the U.S. authorities has issued a number of cautionary advisories concerning ransomware assaults concentrating on healthcare establishments nationwide.
One such advisory got here from the safety workforce on the U.S. Division of Well being and Human Providers (HHS) about ransomware operations like Royal, Venus, Maui, and Zeppelin concentrating on Healthcare and Public Well being (HPH) organizations.
In October 2022, the Cybersecurity and Infrastructure Safety Company (CISA), Federal Bureau of Investigation (FBI), and the HHS notified hospitals in regards to the Daixin Staff cybercrime gang’s lively concentrating on of healthcare services in ransomware assaults.
