Tens of Thousands of Patient Files Leaked in US Hospital Attacks

Written by

Patients and employees from 11 hospitals in the US have had their personal information exposed after hackers reportedly published tens of thousands of records online.

The files come from Leon Medical Centers, which runs eight facilities in Florida, and Nocona General Hospital, which has three in Texas.

The compromised information includes patients’ names, addresses and birthdays, medical diagnoses and letters to insurers. Also exposed was a folder containing background checks on hospital staff, according to NBC.

The unnamed attack group is apparently well known to researchers and is usually in the business of double extortion ransomware, whereby data is stolen and posted to a dark web blog in a bid to force payment.

However, it’s unclear why so many records were published in the first instance. Usually such groups post a small slice of what they have to prove they mean business, and only expose large volumes of data in retribution if the victim organization refuses to comply.

Adding further mystery to the case, an attorney for Nocona General Hospital told the US news network that the organization does not appear to have suffered any ransomware infection or received a ransom demand.

In the case of the other victim, Leon Medical Centers announced last month that it had been breached in November 2020, in a raid that compromised: patients’ names, contact info, Social Security numbers, financial information, dates of birth, family information, medical records, prescription information, diagnosis and treatment history, and health insurance information.

However, in a filing with the US Department of Health and Human Services, only 500 individuals were thought to have been exposed.

Cyber-attacks on global healthcare organizations (HCOs) surged by 45% in the final two months of 2020 versus the previous two months, more than double the rate of those targeting other sectors, according to Check Point.

Ransomware recorded the largest increase overall and poses the biggest threat to HCOs, the vendor claimed.

What’s hot on Infosecurity Magazine?