The Rhysida Ransomware group has continued its spree of attacks on the healthcare sector, targeting three more US hospitals following the high-profile breach of Prospect Medical Holdings. The initial attack on Prospect Medical Holdings in early August caused severe disruptions in multiple states, leading to the closure of emergency rooms and diversions of ambulances.
Furthermore, the group claimed to have stolen a database containing sensitive data, including 500,000 social security numbers, patient records, and corporate documents. They demanded a 50 Bitcoin ransom (equivalent to $1.3 million) and threatened to leak the stolen data if their demands weren’t met.
Recently, cybersecurity researcher Dominic Alvieri discovered that the Rhysida Ransomware gang had expanded its victim list to include three hospitals and other medical facilities operated by Singing River Health System at the end of August.
This health system, which runs three hospitals and ten clinics, is a significant employer on the Mississippi Gulf Coast, employing about 3,800 people. The attack resulted in IT system outages that impacted several critical services, including laboratory and radiology testing.
Additionally, the incident highlights the vulnerability of smaller regional healthcare providers to cyberattacks and their potential to cause significant disruptions, as seen earlier with St. Margaret’s Health, which partially closed operations due to a ransomware attack in 2021.
As ransomware attacks on healthcare organizations continue to rise, the need for robust cybersecurity measures and effective response strategies becomes increasingly evident. These incidents not only disrupt vital healthcare services but also pose a serious threat to patient data security and privacy.
