Ransomware gang claims responsibility for cyber attack on Georgia hospital

Memorial Hospital & Manor in Bainbridge, Georgia over the weekend announced it was the victim of a ransomware attack impacting access to electronic health records.

The hospital posted the following message on Facebook on November 3, 2024:

“ATTENTION!!! This is to inform you that Memorial Hospital and Manor is experiencing a ransomware incident. This impacts access to our Electronic Health Record system. While we believe this issue will not impact either the level or the quality of care we provide to our patients, we want to be fully transparent regarding this situation.

This attack was discovered early Saturday morning when employees were seeing notifications of potential risks found by our virus protection software.”

Ransomware group Embargo claimed responsibility for the attack, saying it stole 1.15 TB of data.

Ransomware gang Embargo adds Memorial Hospital to its leak site.

Memorial Hospital & Manor has not verified Embargo’s claim. We do not yet know what data was compromised, if the hospital paid a ransom, how attackers breached the hospital’s network, or how much Embargo demanded. Comparitech contacted Memorial Hospital and Manor for comment and will update this article if it responds.

The Facebook post goes on to say, “Please bear with us as you may experience longer wait times when you come to either the hospital or physician offices as we are working on a paper based process.”

Who is Embargo?

Embargo is a relatively new ransomware gang that started claiming attacks in April 2024. The group operates a ransomware-as-a-service business in which affiliates pay Embargo to use its malware and infrastructure to launch attacks and collect ransoms.

Comparitech researchers have tracked eight confirmed ransomware attacks claimed by Embargo. Memorial Hospital is the third US healthcare provider targeted by Embargo. The other two are NorthBay Healthcare and Weiser Memorial Hospital. The latter caused a four-week-long IT outage.

Ransomware attacks on US healthcare

Ransomware attacks on hospitals, clinics, and other care providers can steal data and lock down computer systems used for everything from accessing medical records to bill payments. Hospitals might be forced to cancel appointments and switch to pen-and-paper processes until a ransom is paid to unlock their computer systems.

Ransomware gangs ramped up their attacks on hospitals and clinics in 2024. Comparitech logged 98 confirmed ransomware attacks on US healthcare providers, including pharmaceutical companies and device manufacturers. Those attacks compromised 117 million records with an average ransom of $606,000.

Other big healthcare breaches in the last few months include attacks on Change Healthcare (100 million records compromised), Summit Pathology (1.8 million), OnePoint Patient Care (796,000), and Boston Children’s Health Physicians (909,000).

About Memorial Hospital and Manor

Memorial Hospital and Manor in Bainbridge, Georgia consists of an 80-bed hospital, a 107-bed long-term care facility, and a 22-bed personal care facility. It employs 475 people.


Source link
Exit mobile version