April 9, 2024 at 02:08PM
Non-profit healthcare provider GHC-SCW experienced a ransomware attack in January, compromising the personal and medical data of over 500,000 individuals. Despite the breach, the attackers were unable to encrypt the compromised devices. GHC-SCW took preventive security measures and advised affected individuals to monitor their communications for any suspicious activity. The stolen information has not been reported for malicious use.
Key Takeaways from the Meeting Notes:
– Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) experienced a ransomware attack in January 2024, leading to the compromise of personal and medical information of over 500,000 individuals.
– The attackers were unable to encrypt the compromised devices, and with the help of external cyber incident response experts, GHC-SCW secured its systems and brought them back online after containment.
– The stolen health data included sensitive information such as names, addresses, social security numbers, member numbers, Medicare and/or Medicaid numbers, and more.
– Despite strengthening security measures and advising affected individuals to monitor communications, GHC-SCW has not yet found evidence of the stolen information being used maliciously.
– The BlackSuit ransomware gang claimed responsibility for the attack, and GHC-SCW’s entry on the BlackSuit leak site indicates that the stolen files contain financial information, employees’ data, business contracts, and e-mail correspondence.
– The Royal ransomware gang, believed to be the direct successor of the Conti cybercrime group, has been linked to the BlackSuit operation and has breached the networks of at least 350 organizations worldwide, with over $275 million in ransom demands.
Overall, the meeting notes provide a comprehensive overview of the ransomware attack on GHC-SCW, the impact on individuals’ personal information, and the connection to the BlackSuit and Royal ransomware gangs.