The Rhysida ransomware gang has claimed responsibility for the massive cyberattack on Prospect Medical Holdings, claiming to have stolen 500,000 social security numbers, corporate documents, and patient records.
The attack is believed to have occurred on August 3rd, with employees finding ransom notes on their screens stating that their network was hacked and devices encrypted.
Prospect Medical Holdings (PMH) is a US healthcare company operating 16 hospitals in California, Connecticut, Pennsylvania, and Rhode Island and a network of 166 outpatient clinics and centers.
The cyberattack caused the hospitals to shut down their IT networks to prevent the attack's spread, forcing hospitals back to using paper charts.
While PMH did not respond to queries about the security incident, BleepingComputer later learned that the Rhysida ransomware gang was behind the attack.
Ransom note shown on Prospect Medical Holding's devicesSource: BleepingComputer
Since then, PMH hospital networks, such as CharterCare, now state that systems are up and running again but are still restoring patient records.
"Work to input paper patient records used by our caregivers while our systems were down into our electronic medical record (EMR) system is ongoing," reads a notice on CharterCare.org.
However, BleepingComputer was told there had been no communication to employees about whether their data was stolen in the attack.
Rhysida claims attack
Rhysida is a ransomware operation that launched in May 2023 and quickly rose to notoriety after attacking the Chilean Army (Ejército de Chile) and leaking its data.
Earlier this month, the US Department of Health and Human Services (HHS) warned that the Rhysida gang ..
Support the originator by clicking the read the rest link below.
