February 28, 2024 at 03:42PM
The Rhysida ransomware gang has claimed responsibility for the cyberattack on Lurie Children’s Hospital in Chicago, impacting medical care and compromising sensitive data. With ongoing efforts to restore IT systems, service disruptions persist, requiring manual processes and extended payment timelines. The gang threatens to sell stolen data for 60 BTC, posing a significant threat to patient privacy.
The meeting notes indicate that the Rhysida ransomware gang has claimed responsibility for a cyberattack on Lurie Children’s Hospital in Chicago. The attack has impacted the hospital’s IT systems, leading to disruptions in medical care and service operations.
The ransomware gang has listed the hospital on its extortion portal on the dark web, claiming to have stolen 600 GB of data and offering to sell it for 60 BTC ($3,700,000) to a single buyer. They have set a deadline of seven days, after which the data may be sold to multiple threat actors at a lower price or leaked for free on their platform.
As of the latest status update on February 22, 2024, efforts to restore the IT system at Lurie Children’s Hospital are ongoing, but service disruptions still impact various operational segments. The health records system, MyChart, remains offline, leading to longer wait times for appointments and prescription preparation being done by hand.
The disruption has resulted in some procedures and appointments being canceled and rescheduled. The hospital has extended the timeframe for covering medical bills and waived no-show fees for appointments due to the impact on payment systems.
The meeting notes also highlight a recent misstep by the Rhysida ransomware gang, as Korean researchers published a flaw in their encryptor, which could potentially be leveraged for decrypting files without paying a ransom. However, the decryptor that law enforcement previously used may not be effective in the group’s most recent attacks.
Additionally, if the ransomware gang’s claims of data exfiltration are accurate, it means that sensitive medical information of a large number of children has been compromised by cybercriminals.
These are the key takeaways from the meeting notes regarding the cyberattack on Lurie Children’s Hospital by the Rhysida ransomware gang.