Source 1 | 2022-11-16
“On October 25, Lake Charles Memorial Health System (LCMH) in Louisiana received an email that began, “Ladies and gentlemen! Attention, please! This is Hive Ransomware Team.” The remainder of the email stated that Hive had been in LCMH’s network for 12 days and had exfiltrated 270 GB of files including patient and employee data. A sample of files was attached to the email as proof of claims, and Hive also commented on what they had found (typos as in the original)“
“We know about your planned Splunk SIEM Product Justification Meeting. This system will not help to protect your network. It will only make a slightly delay in next data breach your network will face. Our organisation is also offers you full information about weak spots in your networks and best ways to protect your business to prevent further hack attacks, information we can share will help you to make such breaches economically disadvantageous for big hacking organisations and “very hard to do” for small ones.“
“Copies of the correspondence between Hive and LCMH and files were shared exclusively* with DataBreaches.net. On inquiry, Hive’s spokesperson stated that they had not encrypted any of LCMH’s files, but had just exfiltrated them. They also informed DataBreaches that in addition to emailing LCMH, they had called them on the phone. Multiple inquiries sent to LCMH executives during the last week of October by DataBreaches received no reply. On November 15, Hive provided DataBreaches with an email chain between Hive and LCMH and added LCMH to their dedicated leak site. Hive’s leak site notice did not provide any proof pack yesterday, but did start leaking data publicly today.“
Source 2 | 2022-12-28
“The Lake Charles Memorial Health System (LCMHS) has been sending notices of a large data breach that affected tens of thousands of people who have received care at one of its medical centers. It started on October 21, when the information security team of LCMHS detected “unusual activity” involving its computer network, the news release from the company says. An internal investigation then proceeded and a few days later concluded that hackers had gained unauthorized access to LCMHS’ network and then stole sensitive files.“
“The files, the medical firm said, contained patient information such as full names, physical addresses, dates of birth, medical records, patient identification numbers, health insurance and payment information, some clinical information regarding the received care, and, in a few cases, Social Security numbers. LCMHS is careful to stress that the unauthorized party did not access its electronic medical record, and the company is informing patients whose information may have been involved in the incident.“
“However, LCMHS also reported the incident to the Secretary of the US Department of Health and Human Services, and the portal for healthcare related breaches now reports that 269,752 individuals have been impacted by the incident. It’s interesting that the Hive ransomware group claims that the breach occurred on October 25, four days after LCMHS reported the first detection of the network intrusion. Also, Hive listed LCMHS on its data leak site on November 15, 2022, a step that typically comes after failed negotiations for paying a ransom.“
“LCMHS is the largest medical complex in Lake Charles, Louisiana, comprising a 314-bed hospital, a 54-bed women's hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured US citizens. The Hive ransomware outfit has attacked US health organizations before. In March, it stole 850,000 personally identifiable information records from Partnership HealthPlan (PHP) of California. The US Cybersecurity and Infrastructure Security Agency has recently warned that Hive, which is linked to Russia, was one of the biggest threats online. Since Hive first surfaced, it has extorted some $100 million from more than 1,300 companies worldwide.“
Cybersecurity for Critical Infrastructure
SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.
