December 7, 2022


Business leisure

Hive ransomware group claims to steal California health plan patient data


We are enthusiastic to provide Completely transform 2022 back again in-man or woman July 19 and pretty much July 20 – August 3. Be a part of AI and knowledge leaders for insightful talks and interesting networking alternatives. Study Far more

The Hive ransomware group, regarded for attacking health care companies, posted on its darkweb web site that it has stolen 850,000 individually identifiable information and facts (PII) information from the Partnership HealthPlan of California.

The organization’s web-site at the moment is composed of a landing page that states the wellbeing system has been “experiencing complex complications,” which include a “disruption to particular computer system units.” The organization’s phone methods have a very similar message, with a recorded concept declaring that “all of our programs are down, with no expected time of fix.”

“We are working diligently with 3rd-celebration specialists to look into the supply of this disruption, validate its influence on our methods, and to restore entire operation to our techniques as shortly as possible,” the health plan explained in the information on its website, which is not dated.

The Partnership HealthPlan of California claims it has established up Gmail addresses for people and vendors to make contact with. VentureBeat has emailed the tackle for normal inquiries.

Brett Callow, a threat analyst at cybersecurity firm Emsisoft, claimed in a message to VentureBeat that “establishing alternate communication channels is a common enjoy in incident response.”

“Even if your e-mail process is operating, the attackers could have access and be in a position to watch communications,” Callow said.

Screenshot of the site for the Partnership HealthPlan of California (March 29, 4:30 p.m. PST)

The technological issues look to have started many times in the past. The Push Democrat documented on the problems on March 24, without point out of a cyberattack, and indicated that the health program has more than 618,000 members in Northern California.

The Hive ransomware team posted its assert about the stolen Partnership HealthPlan of California facts on Tuesday. The knowledge consists of 850,000 exclusive PII data, these types of as identify, social security amount and tackle, in accordance to the group. The stolen information also incorporates 400 GB of stolen files from the organization’s server, Hive claimed.

The ransomware team has been lively given that at minimum June 2021, which is the to start with time the team posted on its “HiveLeaks” darkweb web-site.

Earlier reported ransomware attacks by Hive have involved an August 2021 attack against Memorial Health Procedure, which has hospitals in Ohio and West Virginia, and an October 2021 attack against Johnson Memorial Health and fitness in Indiana.

A prior alert from the FBI warned that the Hive ransomware team “likely operates as an affiliate-based mostly ransomware, employs a huge variety of tactics, strategies, and techniques (TTPs), creating important difficulties for protection and mitigation.”

“Hive ransomware uses a number of mechanisms to compromise business enterprise networks, including phishing e-mail with destructive attachments to obtain entry and Remote Desktop Protocol (RDP) to shift laterally once on the network,” the FBI claimed. “After compromising a sufferer community, Hive ransomware actors exfiltrate details and encrypt files on the network. The actors leave a ransom observe in just about every influenced listing within a victim’s method, which delivers recommendations on how to purchase the decryption program. The ransom note also threatens to leak exfiltrated victim info on the Tor web page, ‘HiveLeaks.’”

VentureBeat’s mission is to be a electronic town sq. for complex selection-makers to get information about transformative company engineering and transact. Understand Extra


Source backlink