Ransomware gang Inc over the weekend claimed responsibility for a November cyber attack on Youth Eastside Services (YES), a mental health service for children and young adults based in Bellevue, Washington.
YES posted a notice on its website acknowledging the breach, saying employee, donor, and patient info were all compromised. YES has not publicly disclosed the number of victims notified.
The breached data includes:
- Names
- Medical record ID numbers
- Dates of birth
- Addresses
- Demographic info
- Diagnoses
- Clinical documentation
- Claim info
- Insurance info
- Service and appointment dates
YES has not verified Inc’s claim. On its leak site, Inc posted images of what it says are stolen documents to prove its claim.
“Our investigation determined that some of our computer systems were accessed by an unknown actor and on November 13-14 certain files were accessed and/or exfiltrated without authorization from our systems,” the notice from YES reads.
The notice does not mention any offer of credit monitoring or identity theft protection for victims.
We do not yet know if YES paid a ransom, how much Inc demanded, or how attackers breached the non-profit’s network. Comparitech contacted YES for comment and will update this article if it responds.
Who is Inc?
Inc Ransomware emerged in July 2023 and targets a wide range of victims in healthcare, education, and government. Its methods involve spear phishing and exploiting known vulnerabilities in software.
Inc claimed 69 attacks since it began posting targets to its leak site, compromising more than 4 million records. It claimed another 138 unconfirmed attacks that weren’t acknowledged by targets.
48 of those attacks happened in 2024. Recently, Inc claimed responsibility for a breach at The Coffee Bean and Tea Leaf, which issued data breach notices to almost 54,000 people after an April 2024 attack. Inc also claimed attacks on other healthcare organizations including the UK’s Alder hey Children’s NHS Foundation Trust and OnePoint Patient Care.
Ransomware attacks on US healthcare
Ransomware attacks on US hospitals, clinics, and other care providers can both steal data and lock down systems until a ransom is paid for a key to unlock them. Care providers might have to cancel appointments and divert patients until systems are restored, which can have life-threatening consequences. Doctors might be unable to communicate with patients, write prescriptions, or access medical records.
Comparitech researchers logged 143 ransomware attacks on US healthcare organizations in 2024, compromising more than 123 million records. The targets of those attacks include pharmaceutical companies and medical devices manufacturers in addition to hospitals and clinics. The average ransom is $5 million.
In December 2024 alone, ransomware gangs hit PIH Health, Taylor Regional Hospital, and PrimaryPlus.
November saw nine such attacks hit targets including YES and American Associated Pharmacies. AAP paid $1.3 million to the ransomware gang Embargo to restore systems, and Embargo demanded another $1.3 million in exchange for deleting stolen data.
About Youth Eastside Services
Youth Eastside Services offers mental health counseling and substance use treatment to people age 22 and under in East King County, Washington. Its offices are located in Bellevue, Kirkland, and Redmond. The non-profit provides on-site services to more than 50 schools and community centers in the Bellevue and Lake Washington school districts.
Source link
-
-
-
-
-
/cdn.vox-cdn.com/uploads/chorus_asset/file/25813560/monitors.jpg)
-
-
-
