December 8, 2023 at 06:30PM
Norton Healthcare, a major Kentucky health system, was hit by a ransomware attack in May, exposing patient, employee, and dependent personal information. The incident involved unauthorized access to network storage devices, but not the medical record system. The attack was claimed by the BlackCat/ALPHV gang, highlighting the ongoing threat to healthcare organizations from ransomware attacks.
From the meeting notes, it is clear that Norton Healthcare experienced a ransomware attack in May, exposing personal information of patients, employees, and dependents. The attack was claimed by the BlackCat/ALPHV gang, who allegedly stole 4.7TB of data from compromised systems. This sensitive information included social security numbers, bank statements, and more. Norton Healthcare immediately began working with forensic security providers and notified federal law enforcement. Affected individuals, likely employees, will receive two years of free credit protection services. This incident reflects an ongoing trend of ransomware attacks targeting healthcare institutions in the United States, as highlighted by advisories from the U.S. government regarding operations like Royal, Venus, Maui, and Zeppelin.