Maryland-based nursing home facility Lorien Health Services has disclosed a ransomware attack. The incident impacted the data of around 50 thousand individuals.

Lorien Health Services Suffered Ransomware Attack

In a recent security note, Lorien Health Services disclosed that it suffered a ransomware attack.

As revealed, the incident hit the health facility on June 6, 2020, and the malware encrypted part of its data. Though, the facility quickly detected the incident and engaged cybersecurity experts to investigate the matter.

Consequently, on June 10, 2020, the investigated revealed that the attackers accessed personal information of Lorien Health Services customers.

According to the report Lorien Health Services submitted to the U.S. Department of Health and Human Services Office for Civil Rights (OCR), the incident precisely affected 47754 individuals.

Regarding the stolen information, the facility’s security notice revealed:

The information may have included residents’ names, Social Security numbers, dates of birth, addresses, and health diagnosis and treatment information.

Following the incident, the service reported the matter to the FBI and notified the affected customers of the matter.

They are also offering credit monitoring and identity protection services to the victims as well.

Netwalker Leaked Stolen Data Online

Though, Lorien Health Services did not specifically state anything about the attackers. Nonetheless, according to BleepingComputer, the service fell prey to the Netwalker ransomware gang.

As reported, Netwalker operators already disclosed the incident in June 2020, the same month of the attack. They shared screenshots of directory listings belonging to the facility as proof of the attack.

For now, they have dumped part of the stolen data online as a 147MB password-protected archive and the unlock key.

Besides, since they named this file as ‘Part 1’, they potentially hint about sharing more data in the future.

Though it remains unclear whether Lorien Health Services paid the ransom to the attackers, or the threat actors published the data as revenge for non-payment.

Let us know your thoughts in the comments.

The following two tabs change content below.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

Source link