Norton Healthcare Discloses Data Breach Following May Ransomware Attack

/in


Norton Healthcare has officially confirmed a data breach following a ransomware attack that occurred in May 2023. The breach exposed sensitive personal information belonging to patients, employees, and their dependents across the Greater Louisville area, Southern Indiana, and the Commonwealth of Kentucky.

Norton Healthcare, which operates over 40 clinics and hospitals, serves both adult and pediatric patients and is the second-largest employer in Louisville with more than 20,000 employees.

The cybersecurity incident was discovered on May 9, 2023, prompting Norton Healthcare to engage federal law enforcement and a forensic security provider to investigate and halt unauthorized access. The breach involved unauthorized access to certain network storage devices between May 7 and May 9, 2023. Fortunately, the attackers did not access Norton Healthcare’s medical record system or Norton MyChart.

Also see: Best Ransomware Protection Tools

The compromised data includes a range of sensitive information such as names, contact details, Social Security Numbers, dates of birth, health information, insurance details, and medical identification numbers. For some individuals, particularly employees, the exposed data may also include financial account numbers, driver’s licenses or other government ID numbers, and digital signatures.

The ransomware attack was claimed by the BlackCat/ALPHV gang in late May. The group is alleged to have stolen 4.7 terabytes of data from Norton Healthcare’s systems, as reported by DataBreaches. Proof of the breach, including Social Security numbers and bank statements of some patients, was leaked on the dark web by the attackers.

Affected individuals will be notified and offered two years of free credit protection services, as well as additional information in breach notification letters.

It is worth noting that Norton Healthcare is the latest in a series of healthcare organizations in the United States that have fallen victim to ransomware attacks. The ALPHV gang’s websites are currently experiencing an outage, which BleepingComputer suggests may be connected to a law enforcement operation.

This incident underscores the ongoing threat to healthcare institutions from…

Source…