Louisiana hospital ransomware attack affects 270,000 patients

The Lake Charles Memorial Health System (LCMHS) is sending out data breach notices affecting thousands of people who received care at one of its medical centers.

The LCMHS is the largest medical complex in Lake Charles, Louisiana, comprising a 314-bed hospital, a 54-bed women’s hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured citizens.

According to the announcement posted on the LCMHS website, the cybersecurity incident occurred on October 21, 2022, when the organization’s security team detected unusual activity on the computer network.

An internal investigation concluded on October 25, 2022 revealed that hackers gained unauthorized access to LCMHS’ network and then stole sensitive files.

These files contained patient information such as:

  • Full names
  • Physical addresses
  • Date of birth
  • Medical records
  • Patient identification numbers
  • Health insurance information
  • Payment information
  • Limited clinical information regarding care received
  • Social security numbers (in some cases)

The LCMHS announcement clarifies that its electronic medical records were beyond the reach of network intruders.

“As of December 23, 2022, we are sending letters to patients whose information may have been involved in this incident,” the notification read.

“We are offering people whose Social Security number may have been included free credit monitoring and identity theft protection services. Patients are encouraged to review statements from their health insurers and healthcare providers. health, and to contact them immediately if they see services they have not received.” – LCMHS

The LCMHS reported the incident to the Secretary of the US Department of Health and Human Services (HHS). The Healthcare Violations Portal Now reports that 269,752 people were affected by the incident.

Hive ransomware claims the attack

Ransomware group Hive listed LCMHS on its data leak site on November 15, 2022, a milestone that usually occurs after failed negotiations for a ransom payment.

Interestingly, the hackers claim that the encryption took place on October 25, 2022, four days after LCMHS reported the first detection of the network intrusion.

Hive lists LCMHS on its Tor site
LCMHS breach posted on Hive ransomware data leak site
source: BleepingComputer

Hive also released the allegedly stolen files after breaching LCMHS systems.

Files listed include bills of materials, maps, contracts, medical information, papers, medical records, scans, residents, and more. BleepingComputer could not confirm whether these files are genuine or not.

If you have received care on LCMHS in the past, it is recommended that you remain vigilant of incoming communications asking you to provide personal information and payment data.

Also, you should monitor your bank statements and report any suspicious transactions to your bank immediately.


Source link