US Healthcare Firm Loses 22GB of Data

US company Kootenai Health has explained that a significant cyber security attack hitting over 464k patients personal information was stolen and leaked by the 3AM ransomware hackers. 

Kootenai Health is a not-for-profit healthcare provider in the northern US State of Idaho, operating the largest hospital in the region, offering a wide range of medical services, including emergency care, surgery, cancer treatment, cardiac care, and orthopaedics.

Now the threat group which calls itself 3AM ransomware has  leaked about 22 gigabytes of data stolen from Kootenai Health. This compromised the personal and protected health information (PHI) of 464,088 individuals, including patients, employees, and their dependents. 

In a filing with the Office of Maine Attorney General, Kootenai Health said that on March 2, it identified unauthorised activities in its internal network. The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. “The investigation revealed that an unknown actor may have gained unauthorised access to certain data from the Kootenai Health network on or about February 22, 2024,” the healthcare provider said.

The compromised data included names, dates of birth, Social Security numbers, driver’s licence or government-issued identification numbers, medical record numbers, medical treatment and condition information, medical diagnoses, medication information, and health insurance information.

Kootenai Health’s filing with the Maine state regulator also revealed that at least 464,088 individuals were impacted by the data security incident. While the healthcare provider did not name who was behind the cyber security incident, a group of threat actors going by the name “3AM ransomware” has claimed responsibility for the data security incident and listed Kootenai Health as a victim on its data leak site.  

The healthcare firm said that after it discovered the incident, it “implemented additional security features to reduce the risk of a similar incident occurring in the future,” notified the FBI, and said it will provide the authorities with all the information necessary to identify the hackers. 

Kootenai Health has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

It has also offered one year of complimentary identity protection and credit monitoring services through IDX to all affected individuals.    

TEISS   |   Bleeping Computer    |    HIPAA Journal  |    Paubox   |   SCMagazine   |  Cyber Times

Image: Ayush Kumar

You Might Also Read: 

MediSecure Hack - Half The Australian Population Affected:


If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 


 

« Space: The Last Cybersecurity Frontier?
Iran Pays $Mulitmillion Ransom To Protect Its Banks »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation

UCD Centre for Cybersecurity and Cybercrime Investigation is Europe's leading centre for research & education in cybersecurity, cybercrime and digital forensics.

WhiteHat Security

WhiteHat Security

WhiteHat’s products enable customers to “Hack Yourself First” so that they gain a greater understanding of the actual risk to their business.

FireMon

FireMon

FireMon is the only agile network security policy platform for firewalls and cloud security groups providing the fastest way to streamline network security policy management.

Telefonica Tech

Telefonica Tech

Telefónica Cyber Security Tech is focused on the prevention, detection and appropriate response to security incidents aimed at protecting your digital services.

GTB Technologies

GTB Technologies

GTB Technologies is a cyber security company that focuses on providing enterprise class data protection and data loss prevention solutions.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

National Institute of Information and Communications Technology (NICT) - Japan

National Institute of Information and Communications Technology (NICT) - Japan

NICT is Japan’s sole National Research and Development Agency specializing in the field of information and communications technology.

Novastor

Novastor

NovaStor® is an award-winning, international data backup and recovery software company with solutions supporting physical, virtual and cloud environments.

Concordium

Concordium

Concordium aims to build the world’s leading open-source, permissionless, and decentralized blockchain with built-in user identity at the protocol level.

Slice

Slice

Slice offer subscription based Cyber Insurance for small businesses.

Measured Insurance

Measured Insurance

Measured Insurance are bridging the gap between technology and Insurance using AI-Powered analytics that track clients’ exposure in real time to create smarter insurance products.

CyberUK

CyberUK

CYBERUK is the UK government’s flagship cyber security event and the authoritative event for the UK’s cyber security community.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

Forward Networks

Forward Networks

Forward Networks - transforming networks to be more reliable, agile, and secure.

RapidFort

RapidFort

RapidFort’s Software Attack Surface Optimization Platform remediates 95% of software vulnerabilities in minutes without code changes.