Norton Healthcare, a prominent healthcare system based in Louisville, Kentucky, disclosed a significant data breach following a ransomware attack on May 9, 2023. The breach exposed personal information of patients, employees, and dependents, triggering a comprehensive investigation aided by a leading forensic security provider and the involvement of federal law enforcement.
The breach impacted network storage devices, but crucial medical records or the Norton MyChart system remained unaffected. Unauthorized access between May 7 and May 9 led to the compromise of personal data, potentially including names, contact details, Social Security Numbers, birth dates, health and insurance information, and medical IDs. Some individuals’ information might also have included driver’s license numbers, financial account details, and digital signatures.
To mitigate risks for affected individuals, Norton Healthcare is providing two years of credit monitoring services.
The breach was claimed by the AlphV/BlackCat group on May 25, 2023, asserting the exfiltration of 4.7 TB of data and leaking files as evidence. However, the dark web leak site associated with the group is currently inaccessible. Speculation suggests a potential law enforcement intervention causing the site outage.