Two not-for-profit hospitals in New York are looking for a court docket order to retrieve information stolen in an August ransomware assault and now saved on the servers of a Boston cloud storage firm.
Carthage Space Hospital and Claxton-Hepburn Medical Middle (the assault’s victims) have based the North Star Well being Alliance, a collaborative partnership centered on offering healthcare companies throughout the northern New York space.
Collectively, they serve greater than 220,000 residents residing in Jefferson, northern Lewis, southern St. Lawrence Counties, Ogdensburg, and St. Lawrence County.
The LockBit ransomware gang claimed duty for breaching and stealing delicate recordsdata from their techniques in late August, with a press launch revealed by the hospitals one week later saying the incident compelled them to redirect sufferers requiring urging care to different hospitals’ emergency departments.
“Carthage Space Hospital and Claxton Medical Middle Info Know-how (IT) groups proceed work to stabilize all techniques following a cybersecurity incident found by inside safety software program final Thursday night time,” the hospitals stated.
“All sufferers with appointments that should be re-scheduled shall be contacted. Any affected person with pressing well being concern ought to nonetheless name their healthcare supplier. Sufferers with emergency situations ought to go to their nearest emergency division.”
Whereas investigating the incident with the FBI’s assist, the hospitals discovered that the info stolen by Lockbit’s associates (together with sufferers’ names, addresses, dates of start, monetary data, social safety numbers, medical health insurance, and different personally figuring out and guarded well being data) is now saved on the servers of Wasabi Applied sciences, a cloud storage firm in Boston, Massachusets.
Lawsuit to recuperate stolen PII and well being information
In a bid to recuperate the stolen information from Wasabi’s servers, the hospitals have now taken authorized motion in opposition to the cybercriminals who stole the recordsdata, asking the court docket to order Wasabi to return the stolen information to the North Star Well being Alliance hospitals and challenge an order requiring the ransomware group to destroy all of the copies they made.
“So the best choice explored by our authorized crew and dealing with the FBI is definitely going after that firm to get our secluded information in order that we could be positive what data was leaked,” North Star Well being Alliance CEO Richard Duvall advised 7News.
In accordance with court docket paperwork, the cloud storage agency has already supplied the FBI with copies of the info requested by the hospitals.
“The Hospital Group requires injunctive reduction in opposition to the Defendants and different entities, stopping the entry, switch or duplication of the Stolen Knowledge and requiring that, after the Stolen Knowledge is returned to the Hospital Group, all different copies of the Stolen Knowledge be destroyed,” the grievance reads.
“Upon Info and perception, Wasabi has already supplied copies of the stolen information to the FBI.”
LockBit has additionally disrupted emergency care at three German hospitals on Christmas Eve, forcing them to divert emergency instances elsewhere, leading to potential crucial delays. One other LockBit affiliate attacked the Hospital for Sick Youngsters (SickKids) in Toronto one week earlier than final Christmas, inflicting diagnostic and remedy delays.
The LockBit ransomware-as-a-service (RaaS) operation was first noticed in September 2019, with its sufferer record together with the Continental automotive big, the UK Royal Mail, the Metropolis of Oakland, and the Italian Inside Income Service.
A joint advisory revealed in June by cybersecurity authorities worldwide revealed that this ransomware gang has extorted no less than $91 million from U.S. organizations following no less than 1,700 assaults since 2020.
