- Two United States health companies confirmed a cyber attack
- More than 300,000 victims have stolen confidential data
- Rhysida attributed the responsibility of the attack and added the data to its escape site
Ransomware Rhysida operators are assigned to the responsibility of cyber attacks in two medical care organizations in the United States.
On their data leakage site, they listed Sunflower Medical Group and Community Care Alliance (CCA). The first is a medical care provider in the metropolitan area of Kansas City that offers services such as primary care, urgent care, pediatrics and more. The latter is a unified human services agency that offers more than 50 programs.
Combined, it seems that more than 300,000 people have had their confidential data committed as a result of these attacks.
There is no abuse yet
In a public announcement published on its website, Sunflower said the attackers broke into the systems on December 15, but they were only seen and expelled a month later, around January 7.
During that time, they stole people’s names, addresses, birth dates, social security numbers, driver’s license numbers, medical information and health insurance information. In a presentation before Maine’s office, Sunflower said that 220,968 people were affected.
CCA, on the other hand, was beaten in July last year and states that criminals took names of people, addresses, birth dates, driver and SSN license numbers, as well as diagnoses and conditions, laboratory results, medications, patient identification numbers, health insurance information, supplier names and other data. His presentation before the office of the Attorney General of Maine places the number of people affected at 114,945.
As for Rhysida, ransomware operators claim to have 7.6 TB data in Sunflower data, including a 3TB SQL database, reports the record. Since the data still appears on the site, it means that the negotiations are ongoing or that they have broken down.
In any case, Rhysida has not yet leaked everything in the dark network, and at the time of the press, there were no indications of abuse in nature. Both organizations said they harden in security after the incident.
Through The registration
