Security News > 2024 > March > The Week in Ransomware - March 1st 2024 - Healthcare under siege

Ransomware attacks on healthcare over the last few months have been relentless, with numerous ransomware operations targeting hospitals and medical services, causing disruption to patient care and access to prescription drugs in the USA. The most impactful attack of 2024 so far is the attack on UnitedHealth Group's subsidiary Change Healthcare, which has had significant consequences for the US healthcare system.

To make matters worse, the BlackCat ransomware operation, aka ALPHV, claims to have stolen 6TB of data from Change Healthcare during the attack, containing the personal information of millions of people.

Another ransomware operation known as Rhysida, also known for its attacks on healthcare, has sunk to a new low by trying to sell the stolen patient data from Lurie Children's Hospital in Chicago.

Another ransomware known for targeting healthcare is Lockbit, which was hit with a law enforcement operation last week called Operation Cronos that allowed law enforcement to seize servers, data, and decryptors.

Finally, more ransomware gangs have jumped on the ScreenConnect RCE vulnerability exploitation train, including Black Basta and the Bl00dy ransomware gang.

The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector.

News URL

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-1st-2024-healthcare-under-siege/