LockBit’s breach raises concerns about the security of sensitive patient and employee data.
The LockBit ransomware group claimed responsibility for disrupting multiple facilities in New Jersey and Pennsylvania with a November cyberattack on a hospital system. Over the weekend, LockBit escalated by posting a threat on its extortion website against Capital Health, vowing to expose seven terabytes of stolen data.
The gang asserted targeting data from Capital Health Regional Medical Center in Trenton, stating they refrained from encrypting hospital systems to avoid hindering patient care. However, the hospital reported network outages and disruptions, including rescheduled surgeries and canceled appointments.
Capital Health, amidst ongoing assessments of potential risks, announced system restoration in December. Meanwhile, LockBit imposed a January 9 ransom payment deadline for the claimed data, intensifying the urgency.
Despite internal rules discouraging hospital attacks, LockBit continued targeting healthcare facilities, drawing criticism for an attack on Toronto’s Hospital for Sick Children in 2022.
Ransomware continues disrupting hospitals, causing challenges like ambulance diversions and appointment cancellations. A major concern is sensitive data theft, with a recent incident involving a ransomware gang exploiting data from a Seattle cancer center to extort patients.
In the last two weeks, healthcare companies reported data theft incidents. North Kansas City Hospital disclosed a vendor breach, compromising health insurance, demographics, and clinical operations data. Integris Health in Oklahoma warned of hackers attempting extortion using stolen data from its systems breached on November 28.
