Lorenz ransomware gang hit Texas-based Cogdell Memorial Hospital
The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital.
In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it was experiencing a computer network incident that prevented the hospital from accessing some of its systems and severely limiting the operability of its phone system. The hospital immediately removed network connectivity and continued to provide most routine services.
The facility operates as a Critical Access Hospital and a Rural Health Clinic serving rural West Texas. It is a 70-bed hospital that provides a wide range of services, including:
- Emergency care
- Inpatient and outpatient surgery
- Medical imaging
- Laboratory services
- Physical therapy
- Occupational therapy
- Speech therapy
- Home health care
- Hospice care
The Lorenz extortion group claimed responsibility for the security breach and added the hospital to its Tor leak site. The group claims to theft of more than 400GB of data, including internal files, patient medical images, and also employee email communications.
The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims.
Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Ransom demands have been quite high, between $500.000 and $700.000.
At the time of this writing, the Loren group has started uploading the stolen data (95%)
US Healthcare organizations continue to be a privileged target of ransomware gangs.
The popular researcher Brett Callow states that far this year, 29 US health systems with 90 hospitals between them have been impacted by ransomware, and at least 23/29 had data stolen.
In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its…
