January 9, 2024 at 09:06AM
The LockBit ransomware gang claimed responsibility for a November 2023 cyberattack on Capital Health. The healthcare organization restored all systems and services following an investigation of the incident. The gang stole over 10 million files including medical confidentiality data, and threatened to make the information public unless a ransom of $250,000 is paid.
From the meeting notes, it is clear that Capital Health fell victim to a cyberattack in November 2023, for which the LockBit ransomware gang claimed responsibility. The cyberattack resulted in network outages, triggering an investigation, law enforcement involvement, and a restoration process by Capital Health.
Despite this attack, the organization has confirmed that all services have been restored, and operations have returned to normal. They are also working with a forensics firm to determine the impact on patient and employee data. It is worth noting that the cyberattack did not involve the deployment of file-encrypting malware on its systems; the only reported activity was data exfiltration by the LockBit gang.
The gang claims to have stolen over 10 million files from Capital Health, including medical confidentiality data. Specifically, they compromised the Capital Health Regional Medical Center in Trenton, New Jersey. The cybercriminals have threatened to make the allegedly stolen information public unless a ransom of approximately $250,000 is paid. This incident is part of a larger trend of data breaches impacting healthcare providers in the US, affecting millions of individuals.
Additionally, the notes mention related articles on CISO conversations and cybersecurity healthcare toolkit released by CISA and HHS, as well as guidance on security posture for healthcare organizations.