Nearly a million people exposed after ambulance service attack


Fallon Ambulance Services, a now-defunct subsidiary of Transformative Healthcare, has suffered a ransomware attack, exposing nearly a million people.

Transformative has reached out to Fallon’s customers over a data breach that occurred earlier this year. In April, attackers breached Fallon’s data storage archive. Transformative says that it kept it to “comply with legal obligations.”

According to the breach notification, Fallon, which provided ambulance services in the greater Boston area, ceased operations in December 2022.

ADVERTISEMENT

Transformative’s letter claims that the attackers roamed the company’s systems from late February 2023 till late April of the same year.

“After an extensive review of the event, we identified that the activity appears to have occurred as early as February 17th, 2023 through April 22nd, 2023 and that files were obtained by an unauthorized party that may have contained personal information,” reads the breach notification.

While the ALPHV ransomware cartel claimed the company as a victim in late April, Transformative concluded the investigation into the incident on December 27th.

Information that the company submitted to the Maine Attorney General says 911,757 people were exposed in the attack, with victims’ driver’s license numbers and other IDs exposed.

After the ALPHV ransomware cartel claimed the healthcare services provider, the criminals said they’d exported a terabyte of data from the company, including medical reports, paramedics reports, sensitive patient details, and other information.

ALPHV has become one of the most prominent ransomware cartels of recent years. Most notably, the gang was behind the September ransomware attacks on the Las Vegas casino giants MGM Resorts and Caesars International, rumored to have paid a $15 million ransom to keep operations running.

However, in late 2023, the feds seized some of the ALPHV’s infrastructure and released a decryptor to combat the gang’s malware.

A decryptor serves as a key to any ransomware gang’s malicious software, ransomware, which encrypts files on the victim’s system and, in some cases, backups.

ADVERTISEMENT

Several experts that Cybernews has discussed ALPHV’s law enforcement problems with stressed that the release of a decryptor for ALPHV’s ransomware not only nullified at least some of the gang’s affiliate’s time spent extorting victims but also showed that the gang is far from invincible.