Carthage Area Hospital and Claxton-Hepburn Medical Center are spearheading a legal battle aimed at retrieving stolen data from a LockBit ransomware attack, stored on servers belonging to a Boston-based cloud storage company. The North Star Health Alliance, serving a substantial population across various New York counties, confronts the fallout of this cyber breach, diligently striving to reclaim sensitive patient information, encompassing addresses, financial data, and health records. This initiative follows an incident in late August, where LockBit ransomware operatives infiltrated the hospitals’ systems, prompting a redirection of patients in need of urgent care to other medical facilities.
The severity of the situation lies in the extensive impact of the breach, as the compromised data, including personally identifiable and protected health information, was identified on the servers of Wasabi Technologies, intensifying concerns about the privacy and security of patient records. The hospitals’ legal endeavor involves requesting a court order mandating Wasabi to return the stolen data to North Star Health Alliance and directing the ransomware group, LockBit, to eradicate all copies made.
This lawsuit underscores the urgency to fortify healthcare systems against escalating cyber threats, especially with ransomware gangs increasingly disrupting critical services worldwide. LockBit’s global rampage, including disruptions at German hospitals on Christmas Eve and an attack on the Hospital for Sick Children in Toronto, highlights the widespread impact of cyber assaults on vital services. The joint advisory released by cybersecurity authorities in June revealed LockBit’s extortion of over $91 million from U.S. organizations through at least 1,700 attacks since 2020, emphasizing the need for robust security measures and heightened vigilance within the healthcare sector to safeguard sensitive patient data.
