On Nov. 16, a cybersecurity contractor admitted guilt for unlawfully accessing the computer systems of Lawrenceville, Ga.-based Gwinnett Medical Center back in 2018, Law360 reported.
Vikas Singla, who was the COO of a metro Atlanta network security firm specializing in healthcare, pleaded guilty to orchestrating a cyberattack on Gwinnett, according to the publication.
During the attack, phone lines were disrupted, as well as the network printer service.
Mr. Singla also was able to illicitly obtain data from a digitizing device from the hospital during the attack.
The government said the crime cost Gwinnett Medical Center $800,000 and that the cyberattack was, in part, carried out with the intention of securing financial benefits for Mr. Singla’s company.
Mr. Singla was indicted by a federal grand jury on June 8, 2021.
The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital.
In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it was experiencing a computer network incident that prevented the hospital from accessing some of its systems and severely limiting the operability of its phone system. The hospital immediately removed network connectivity and continued to provide most routine services.
The facility operates as a Critical Access Hospital and a Rural Health Clinic serving rural West Texas. It is a 70-bed hospital that provides a wide range of services, including:
Emergency care
Inpatient and outpatient surgery
Medical imaging
Laboratory services
Physical therapy
Occupational therapy
Speech therapy
Home health care
Hospice care
The Lorenz extortion group claimed responsibility for the security breach and added the hospital to its Tor leak site. The group claims to theft of more than 400GB of data, including internal files, patient medical images, and also employee email communications.
The Lorenz ransomware gang has been active since April 2021 and hit multiple organizations worldwide demanding hundreds of thousands of dollars in ransom to the victims.
Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Ransom demands have been quite high, between $500.000 and $700.000.
At the time of this writing, the Loren group has started uploading the stolen data (95%)
US Healthcare organizations continue to be a privileged target of ransomware gangs.
The popular researcher Brett Callow states that far this year, 29 US health systems with 90 hospitals between them have been impacted by ransomware, and at least 23/29 had data stolen.
In mid-October, the ALPHV/BlackCat ransomware group claimed to have hacked the Morrison Community Hospital and added it to its…
https://spinsafe.com/wp-content/uploads/2023/11/image-17.png8681600SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2023-11-12 19:30:082023-11-12 19:30:08Lorenz ransomware gang hit Texas-based Cogdell Memorial Hospital
BOSTON—A record year for cyberattacks on U.S. hospitals is putting patients in danger, as hospitals struggle to cope with disabled equipment and frozen data, an official from the American Hospital Association warned Thursday.
Hackers, especially ransomware groups, are routinely taking down medical applications and internet connections, and freezing up patient and operations data, John Riggi, national adviser for cybersecurity and risk at the AHA, said, speaking at a meeting of the Healthcare Information and Management Systems Society.
“Email and phones go down. Backup computers generally don’t work or have only about three days of data on them,” Riggi said. “We have seen this consistently,” he told the audience of healthcare technology and cyber leaders.
Healthcare companies, including well-known national hospital operators, continue to be battered by hackers. Services remain disrupted at hospitals owned by private-equity firm Prospect Medical Holdings since a cyber incident in early August. Prospect didn’t immediately respond to a request for comment.
Scripps Health, a large San Diego-based care provider, sent some patients to two emergency departments at two area hospitals when it was hit with ransomware in 2021. The move caused care delays and increased patient wait times at those facilities, a study in the Journal of the American Medical Association showed.
Since January, the medical data of more than 61 million people has been stolen or exposed in more than 400 cyberattacks, according to statistics from the U.S. Department of Health and Human Services. This vastly outpaces activity in 2022 and 2021.
The average number of patients affected in a hack is 180,000, tripling in the past three years, Riggi said. Most of the data is stolen from network servers and email accounts, as opposed to electronic medical records, he said, which indicates hospitals aren’t taking care to encrypt most of the information.
That these attacks also disable radiology, scanning and other equipment used to diagnose strokes and treat…
Hackers who stole patient information from the servers at Mayanei Hayeshua Medical Center in Bnei Brak have made good on their threat to publish the data.
The “Ragnar Locker” group demanded a ransom totaling tens of millions of shekels for the information after the break-in, which took place about a month ago, according to Israel Hayom.
Not having received the money, the ransomware hackers announced on their Telegram account that they had released 402 gigabytes of data in the first tranche.
The group threatened to publish the rest of the information it claimed it was holding if the ransom is not paid, including the personal, medical and psychiatric records of patients who include government and Knesset members, rabbonim, Torah sages and other prominent haredi religious patients.
Prime Minister Benjamin Netanyahu underwent treatment for a prostate issue at the hospital in 2015, according to the report.
There is fear in the haredi public that the hackers will create a “Medical WikiLeaks” that could cause serious damage to many members of the Orthodox population, according to the haredi B’Chadarei Haredim news outlet.
Health and Interior Minister MK Moshe Arbel said in response to the initial threat that the government has not previously succumbed to extortion attacks on government data and will not succumb to such attacks on the health system either.
“Along with my instructions to budget tens of millions of shekels for a multi-year cyber preparedness plan in the health system, I also believe it appropriate to publish, on my own initiative, the results of a CT scan I performed at Mayanei Hayeshua Medical Center after a partial resection of my right kidney for a cancerous tumor that was found during tests to determine my eligibility to donate the kidney.
“There is no room for surrendering to blackmail and threats from cyber attackers,” he said. “We must stand as a wall to protect the right to privacy of every patient in the Israeli health system.”
Mayanei Hayeshua Medical Center also responded to the threat, saying in a statement, “The hospital, in cooperation with the Ministry of Health, the…
https://spinsafe.com/wp-content/uploads/2023/09/Mayanei-Hayeshua-Hospital-3.jpg483724SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2023-09-07 08:00:062023-09-07 08:00:06Ransomware Hackers Publish Patient Info from Mayanei Hayeshua Hospital | The Jewish Press – JewishPress.com | Hana Levi Julian | 21 Elul 5783 – Thursday, September 7, 2023
