BianLian ransomware claims attack on Boston Children’s Health Physicians

October 17, 2024 at 11:39AM

The BianLian ransomware group has attacked Boston Children’s Health Physicians, threatening to release stolen data unless a ransom is paid. The breach affects current and former employees, patients, and guarantors, exposing sensitive information. BCHP notified affected individuals and confirmed their electronic medical records remain secure.

### Meeting Takeaways:

1. **Ransomware Attack on BCHP**: The BianLian ransomware group has claimed responsibility for a cyberattack on Boston Children’s Health Physicians (BCHP), threatening to leak stolen data unless a ransom is paid.

2. **BCHP Overview**: BCHP is a comprehensive network of over 300 pediatric physicians and specialists across 60 locations in New York’s Hudson Valley and Connecticut, affiliated with Boston Children’s Hospital.

3. **Incident Timeline**:
   - **September 6, 2024**: The IT vendor for BCHP detected unusual activity in its systems.
   - **September 10, 2024**: BCHP identified unauthorized activity and activated incident response protocols, including shutting down systems.

4. **Investigation Findings**: A third-party forensic investigation confirmed that attackers accessed BCHP systems and exfiltrated sensitive files.

5. **Data Exposure**: The data compromised includes:
   - Full names
   - Social Security numbers
   - Addresses
   - Dates of birth
   - Driver’s license numbers
   - Medical record numbers
   - Health insurance and billing information
   - Limited treatment information

6. **Clarification on Systems Affected**: BCHP confirmed that the cyberattack did not affect its electronic medical record systems as they are hosted on a separate network.

7. **Notification and Support**: Affected individuals will receive a notification letter by October 25, 2024. Those whose SSNs and driver’s licenses were compromised will also receive credit monitoring and protection services.

8. **BianLian Ransom Demand**: The hackers have added BCHP to their extortion portal but have not yet leaked any data and have not set a deadline for negotiations.

9. **Norms Around Targeting Healthcare**: While ransomware groups typically avoid targeting children’s healthcare organizations, some groups disregard this ethical boundary.

10. **Previous Incidents**: A similar ransomware case involved Rhysida demanding $3.6 million from Lurie Children’s Hospital after stealing substantial data and causing service disruptions.

### Action Items:
- Monitor any updates or responses from BCHP regarding the situation.
- Prepare communication for affected individuals to ensure clarity and transparency.
- Consider reviewing and strengthening security measures in light of this incident.
