Security News > 2023 > August > Rhysida ransomware behind recent attacks on healthcare
The Rhysida ransomware operation is making a name for itself after a wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations.
While some ransomware operations claim not to intentionally target healthcare organizations and even provide free decryption keys if done by mistake, Rhysida does not appear to follow the same policy.
Sources have told BleepingComputer that Rhysida is behind a recent cyberattack on Prospect Medical Holdings, which still experiences a system-wide outage impacting 17 hospitals and 166 clinics across the United States.
Rhysida has not taken responsibility for the attack yet, and PMH has not responded to emails on whether the ransomware gang is behind the attack.
CheckPoint's report goes a step further, linking Rhysida to the now-defunct Vice Society ransomware operation, based on the victim publishing times on the two extortion sites and their similar victim targeting patterns.
In conclusion, Rhysida has established itself in the ransomware space quickly, targeting organizations in various sectors and showing no hesitation in attacking hospitals.
News URL
Related news
- Change Healthcare faces second ransomware dilemma weeks after ALPHV attack (source)
- Change Healthcare’s ransomware attack costs edge toward $1B so far (source)
- BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks (source)
- JetBrains is still mad at Rapid7 for the ransomware attacks on its customers (source)
- Stanford: Data of 27,000 people stolen in September ransomware attack (source)
- US govt probes if ransomware gang stole Change Healthcare data (source)
- Nissan confirms ransomware attack exposed data of 100,000 people (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- What the Latest Ransomware Attacks Teach About Defending Networks (source)
- Yacht dealer to the stars attacked by Rhysida ransomware gang (source)