US Healthcare Firm Loses 22GB of Data

Uploaded on 2024-09-17 in FREE TO VIEW, BUSINESS-Services-Health & Welfare, TECHNOLOGY--Hackers

US company Kootenai Health has explained that a significant cyber security attack hitting over 464k patients personal information was stolen and leaked by the 3AM ransomware hackers. 

Kootenai Health is a not-for-profit healthcare provider in the northern US State of Idaho, operating the largest hospital in the region, offering a wide range of medical services, including emergency care, surgery, cancer treatment, cardiac care, and orthopaedics.

Now the threat group which calls itself 3AM ransomware has  leaked about 22 gigabytes of data stolen from Kootenai Health. This compromised the personal and protected health information (PHI) of 464,088 individuals, including patients, employees, and their dependents. 

In a filing with the Office of Maine Attorney General, Kootenai Health said that on March 2, it identified unauthorised activities in its internal network. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. “The investigation revealed that an unknown actor may have gained unauthorised access to certain data from the Kootenai Health network on or about February 22, 2024,” the healthcare provider said.

The compromised data included names, dates of birth, Social Security numbers, driver’s licence or government-issued identification numbers, medical record numbers, medical treatment and condition information, medical diagnoses, medication information, and health insurance information.

Kootenai Health’s filing with the Maine state regulator also revealed that at least 464,088 individuals were impacted by the data security incident. While the healthcare provider did not name who was behind the cyber security incident, a group of threat actors going by the name “3AM ransomware” has claimed responsibility for the data security incident and listed Kootenai Health as a victim on its data leak site.  

The healthcare firm said that after it discovered the incident, it “implemented additional security features to reduce the risk of a similar incident occurring in the future,” notified the FBI, and said it will provide the authorities with all the information necessary to identify the hackers. 

Kootenai Health has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered one year of complimentary identity protection and credit monitoring services through IDX to all affected individuals.    

TEISS   |   Bleeping Computer    |    HIPAA Journal  |    Paubox   |   SCMagazine   |  Cyber Times

Image: Ayush Kumar

You Might Also Read: 

MediSecure Hack - Half The Australian Population Affected:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 


 

« Space: The Last Cybersecurity Frontier?
Iran Pays $Mulitmillion Ransom To Protect Its Banks »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Civica

Civica

Civica provides cloud-based managed IT services, hosting and outsourcing.

INSUREtrust

INSUREtrust

INSUREtrust is a pioneer in the industry, inventing the concept of cyber insurance.

SonicWall

SonicWall

SonicWall provide products for network security, access security, email security & encryption.

Happiest Minds Technologies

Happiest Minds Technologies

Happiest Minds offers domain centric solutions in IT Services, Product Engineering, Infrastructure Management and Security.

National Cyber Security Directorate (DNSC) - Romania

National Cyber Security Directorate (DNSC) - Romania

DNSC (formerly CERT-RO) is the Romanian national cyber security and incident response team.

Operational Center for Information Systems Security (COSSI)

Operational Center for Information Systems Security (COSSI)

COSSI is responsible for the detection and mitigation of cyber attacks directed at French Government information systems.

Avira

Avira

Avira provide a portfolio of antivirus, security and performance applications for Windows, Android, Mac, and iOS.

CyberArrow

CyberArrow

CyberArrow (formerly EBDAA) is a consultancy company providing high quality consultancy services in Risk & Compliance and Awareness & Education.

Verafin

Verafin

Verafin is one of the North American leaders in fraud detection and AML software.

Ampliphae

Ampliphae

Ampliphae gives you an easy-to-deploy, sophisticated and affordable cloud-discovery, security and compliance platform.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

Dhound

Dhound

Dhound is a cybersecurity company providing web application penetration testing.

3B Data Security

3B Data Security

3B Data Security offer a range of Penetration Testing, Digital Forensics, Incident Response and Data Breach Management Services.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

Interlock

Interlock

Interlock are building blockchain-based security products that solve legacy web2 security issues - phishing and social engineering.