Security News > 2023 > August > Rhysida ransomware behind recent attacks on healthcare
The Rhysida ransomware operation is making a name for itself after a wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations.
While some ransomware operations claim not to intentionally target healthcare organizations and even provide free decryption keys if done by mistake, Rhysida does not appear to follow the same policy.
Sources have told BleepingComputer that Rhysida is behind a recent cyberattack on Prospect Medical Holdings, which still experiences a system-wide outage impacting 17 hospitals and 166 clinics across the United States.
Rhysida has not taken responsibility for the attack yet, and PMH has not responded to emails on whether the ransomware gang is behind the attack.
CheckPoint's report goes a step further, linking Rhysida to the now-defunct Vice Society ransomware operation, based on the victim publishing times on the two extortion sites and their similar victim targeting patterns.
In conclusion, Rhysida has established itself in the ransomware space quickly, targeting organizations in various sectors and showing no hesitation in attacking hospitals.
News URL
Related news
- Kidney dialysis firm DaVita hit by weekend ransomware attack (source)
- Ahold Delhaize confirms data theft after INC ransomware claims attack (source)
- Interlock ransomware gang pushes fake IT tools in ClickFix attacks (source)
- Interlock ransomware claims DaVita attack, leaks stolen data (source)
- Ransomware attacks are getting smarter, harder to stop (source)
- Hitachi Vantara takes servers offline after Akira ransomware attack (source)
- Marks & Spencer breach linked to Scattered Spider ransomware attack (source)
- Ukrainian extradited to US for Nefilim ransomware attacks (source)
- US indicts Black Kingdom ransomware admin for Microsoft Exchange attacks (source)
- Co-op confirms data theft after DragonForce ransomware claims attack (source)