In early November, Texas-based Cogdell Memorial Hospital, a Critical Access Hospital serving rural West Texas, faced a computer network incident affecting operational systems and phone connectivity. This led to restricted services, prompting the hospital to isolate its network while maintaining essential care.
Attributed to the Lorenz extortion group, responsible for a string of cyber assaults since April 2021, the breach involved the theft of over 400GB of sensitive data. This included internal files, patient medical images, and employee email correspondences. The group has initiated the upload of this data, signifying a grave breach in confidentiality.
The Lorenz gang typifies the alarming trend of ransomware attacks globally, employing a dual extortion model by pilfering data before encryption and coercing victims to pay exorbitant sums, ranging from $500,000 to $700,000. This underscores the rising frequency and severity of such cyber threats targeting healthcare entities.
Brett Callow, a prominent researcher, highlights the distressing statistics: this year alone, 29 US health systems encompassing 90 hospitals faced ransomware attacks, with nearly 23 experiencing data breaches. Recent months have witnessed similar incidents involving ALPHV/BlackCat, LockBit, and Rhysida ransomware groups targeting hospitals nationwide, perpetuating concerns about the vulnerability of healthcare organizations.
Notably, the LockBit gang, known for its “no healthcare attack” policy, breached hospitals earlier in the year, indicating internal breaches within the group leading to unauthorized attacks on healthcare entities. Incidents in France, including disruptions at the Hospital Centre of Versailles and Center Hospitalier Sud Francilien, underscore the global reach and disruptive nature of these cyber assaults.
In the US, Prospect Medical Holdings and Singing River Health System faced recent breaches, with Rhysida ransomware demanding a substantial $1.3 million ransom, highlighting the financial toll these attacks impose.