Lake Charles Memorial Health System Falls Victim to Ransomware Attack

The Lake Charles Memorial Health System fell victim to a data breach exposing sensitive medial data from more than 250,000 patients.  ABC 31 News’ Joel Massey has more on the breach and what victims can do about it.

Tony Sabaj head of engineering at Check Point Software says, “The Lake Charles Memorial Health System, obviously a large health care system in the Lake Charles area suffered a data breach and what is known is probably what’s called the hive ransomware group probably sent a ransomware attack to the Lake Charles System and they ended up releasing the information that they were able to exfiltrate or steal from the hospital system which usually points to the fact that there was a ransomware attack they did not pay the ransom so as penalty for not paying the ransom they’re releasing the data that they have found or exfiltrated in this attack.”

Sabaj said cyber attacks on healthcare systems such as this will continue as they are popular targets for hackers.

“Healthcare systems and hospital systems specifically are usually a very popular target for ransomware attacks and breaches of this nature.  The hive ransomware group that is purportedly behind this attack very often targets healthcare systems.  The reasons healthcare systems are targeted is one, they’re more apt to pay a ransom due to the fact that any outage of a clinical network can affect patient care so we’re talking about life and death and medical needs being met.  Also stealing data from medical systems the data is worth a lot of money on the dark web.”

Sabaj has this advice for people who may be victims of data breaches like this.

“If you’re a victim or a proposed victim of this attack what I would do is monitor your credit using any of the credit monitoring tools out there.  Many times as part of breaches like this they’ll include for a period of time some free credit monitoring services that are provided.  I would check your healthcare insurance records, make sure there’s no insurance fraud.  We do see people getting healthcare information and using it for healthcare billing fraud for getting prescriptions in someone else’s name for abuse of prescription drugs or illicit reselling of those prescription drugs.  So I’d look at your health insurance information and make sure there’s no unauthorized charges just like you would for a credit card.”

Sabaj said that the group behind this ransomware attack develops software for others to use to carry out breaches like this.

“We’re going to continue to see this type of attacks in the future.  The group behind this called hive ransomware was an offshoot of what has been reported as a Russian hacking group that sort of disbanded but gathered back together under a new name.  And this is what we call ransomware as a service so they develop the tools and techniques and the software and they let some of their agents and partners go out and use their software to attack different organizations.  And they provide the software and payment information for their partners that are using their software to employ ransomware.”