Omni Family Health, a non-profit healthcare organization serving California’s Central Valley, has fallen victim to a significant ransomware attack executed by the Hunters International group. The incident, which was discovered on August 7, resulted in the exfiltration of approximately 2.7 terabytes of sensitive data, impacting both the organization and its patients. The stolen information encompasses nearly 2.9 million files, including critical data related to human resources, accounting, medical records, insurance information, and extensive employee databases. This breach raises serious concerns regarding the privacy and security of both the organization and the individuals whose information has been compromised.
Hunters International, the group responsible for the attack, operates under a Ransomware-as-a-Service (RaaS) model and emerged following the disruption of the Hive ransomware group in late 2023. This new group has demonstrated a considerable degree of technical overlap with Hive, suggesting it may be an offshoot or evolution of the previous operation. Unlike targeted attacks that focus on specific industries, Hunters International casts a wide net, seeking victims across various sectors and regions. While investigations have indicated potential links to Nigeria, the group is known for using fake identities to mask its true origins, complicating efforts to track its activities.
The exact methods used by Hunters International to penetrate Omni Family Health’s cybersecurity infrastructure remain unclear. However, the attack likely took advantage of vulnerabilities in the organization’s systems, which include a patient portal and telehealth services. Potential entry points for the attackers could include phishing schemes, unpatched software vulnerabilities, or weak access controls. The notable overlap in the ransomware code with that used by Hive suggests that Hunters International may have employed similar encryption methods and strategies to infiltrate the healthcare provider’s systems.
Established in 1978, Omni Family Health operates a network of 39 health centers across Kern, Kings, Tulare, and Fresno counties, employing over 200 healthcare providers. The organization is committed to providing a wide range of services, including general healthcare, dental care, and behavioral health, with a focus on accessibility and affordability. Utilizing a sliding fee scale for uninsured patients and offering telehealth services to reach remote and underserved populations, Omni Family Health has built a reputation for prioritizing patient care. In light of the recent cyberattack, the organization is working diligently to address the breach while maintaining its commitment to the safety and well-being of its patients.
Reference: