RansomHouse团伙声称入侵芝加哥Loretto医院并窃取1.5TB敏感数据。该非盈利医院提供多种医疗服务。美国医院因管理大量敏感数据成为网络攻击目标。2024年美国医疗行业遭遇98起勒索软件攻击,影响1.17亿记录。Loretto医院曾在2023年发生一起前员工泄露患者监控录像的安全事件。 2025-3-10 12:32:22 Author: securityaffairs.com(查看原文) 阅读量:7 收藏
RansomHouse gang claims the hack of the Loretto Hospital in Chicago
Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.”
The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.
The Loretto Hospital is a not-for-profit, community-focused health care provider. They provide healthcare services including: primary care, geriatric medicine, vision care, behavioral health services, pediatrics, womens health, pediatric medicine, family planning and dental services. The hospital was founded in 1939 and is headquartered in Chicago, Illinois.
At the time of writing, the group has yet to publish any evidence of the alleged stolen data.
RansomHouse is a data extortion group that has been active since Dec 2021. Unlike other extortion group, the gang doesn’t encrypt data, but focuses on data theft to speed up its activity. Victims include AMD and Keralty. They shame non-payers by leaking data. Backups are insufficient; IPS is recommended for protection.
American hospitals are a privileged target for threat actors due to the huge trove of sensitive data they manage.
Ransomware attacks on U.S. healthcare providers surged in 2024, with 98 attacks compromising 117 million records. Hospitals often face system lockdowns, forcing a switch to manual processes. High-profile breaches include Change Healthcare (100M records), Summit Pathology (1.8M), OnePoint Patient Care (796K), and Boston Children’s Health Physicians (909K).
In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The footage was removed after the incident was discovered. Loretto identified the impacted individuals and notified them by mail on March 15, 2023, offering guidance on protecting their information. The exposed information consisted of security camera footage of a small number of patients.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Loretto Hospital)
如有侵权请联系:admin#unsafe.sh