The Hive ransomware-as-a-service (RaasS) operation has claimed responsibility for an attack on Consulate Health Care, a Florida-based chain of 140 U.S. nursing homes. The group claims to have stolen 550 GB of data in the attack and said files were encrypted on December 3, 2022. The group posted on its leak site about the breach on January 6, 2023, and has already leaked some of the data allegedly stolen in the attack. The information stolen in the attack allegedly includes contracts, company information, employee information, and patient information such as medical records, Social Security numbers, contact information, and insurance information.
Consulate Health Care published a substitute breach notice on its website around the same time as Hive went public about the attack. In the website breach notice, Consulate Health Care claims the attack occurred at one of its (unnamed) vendors, which is still investigating the incident to determine the extent of the breach. Consulate Health Care said it is working closely with its vendor and has confirmed that the investigation is progressing as fast as possible to determine the extent to which protected health information was involved and which individuals have been affected. Consulate Health Care said, “we are providing this notice out of an abundance of caution as we value transparency.”
The Hive ransomware gang has a different view on the attack and claims no vendor was involved. Instead, a spokesperson for the group said in a conversation with databreaches.net that Consulate Health Care was attacked directly. The timing of the breach notice suggests that it refers to the same incident.
The Hive RaaS group is one of several ransomware gangs known to target the healthcare industry, including attacks on Lake Charles Memorial Health System in Louisiana which involved the data of 270,000 patients, and an attack on the New York ambulance service, Empress EMS, which affected up to 318,558 individuals. Due to the high risk of attacks, a joint cybersecurity advisory was issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) in November, 2022, which includes technical information about the tactics, techniques, and procedures used by the group and indicators of compromise for network defenders.
The post Hive RaaS Gang Leaks Stolen Consulate Health Care Data appeared first on HIPAA Journal.