© 2023 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

Hive ransomware group hit Louisiana hospital, impacted 270,000 patients

The Lake Charles Memorial Health System (LCMHS) has been sending notices of a large data breach that affected tens of thousands of people who have received care at one of its medical centers.

It started on October 21, when the information security team of LCMHS detected “unusual activity” involving its computer network, the news release from the company says.

An internal investigation then proceeded and a few days later concluded that hackers had gained unauthorized access to LCMHS’ network and then stole sensitive files.

The files, the medical firm said, contained patient information such as full names, physical addresses, dates of birth, medical records, patient identification numbers, health insurance and payment information, some clinical information regarding the received care, and, in a few cases, Social Security numbers.

LCMHS is careful to stress that the unauthorized party did not access its electronic medical record, and the company is informing patients whose information may have been involved in the incident.

However, LCMHS also reported the incident to the Secretary of the US Department of Health and Human Services, and the portal for healthcare related breaches now reports that 269,752 individuals have been impacted by the incident.

It’s interesting that the Hive ransomware group claims that the breach occurred on October 25, four days after LCMHS reported the first detection of the network intrusion.

Also, Hive listed LCMHS on its data leak site on November 15, 2022, a step that typically comes after failed negotiations for paying a ransom.

Hive listed LCMHS on its data leak site on November 15. Image by Cybernews.

Finally, the group published the files allegedly stolen: these supposedly include bills of materials, cards, medical information, papers, scans, and more. It’s not yet clear if the files are authentic.

"Lake Charles Memorial Health takes this matter very seriously and is continuing to take steps to enhance the security of its systems and the information it maintains to help prevent something like this from happening again," the release states.

LCMHS is the largest medical complex in Lake Charles, Louisiana, comprising a 314-bed hospital, a 54-bed women's hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured US citizens.

The Hive ransomware outfit has attacked US health organizations before. In March, it stole 850,000 personally identifiable information records from Partnership HealthPlan (PHP) of California.

The US Cybersecurity and Infrastructure Security Agency has recently warned that Hive, which is linked to Russia, was one of the biggest threats online. Since Hive first surfaced, it has extorted some $100 million from more than 1,300 companies worldwide.

More from Cybernews:

Cybercrime from Russia and China: what can we expect next?

Cybersecurity firm links Piers Morgan Twitter hack to massive leak of user data

Scammers prey on Indian users posting complaints on social media

BTC.com hackers steal $3 million worth of crypto

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are marked