Last week, Illinois-based Petersen Health Care, known for its extensive network of nursing homes across the US, has filed for bankruptcy following the impacts of two cyberattacks on its systems and defaults on its loans.
Petersen Health Care operates over 90 nursing homes with nearly 4,000 employees and a capacity to accommodate 6,796 residents with services ranging from assisted living to hospice care in Illinois, Missouri, and Iowa. While the company had more than $339 million in revenue last year its debts were more than $295 million.
In October 2023, a cyberattack claimed by the Cactus ransomware gang compromised the company’s network and led to the exposure of sensitive information.
Petersen had attempted to restructure its debt, but the cyberattack forced the company to replace its servers, email addresses, and software and consequently caused the company to lose a significant amount of its business records resulting in an “incredible difficulty and delay” in its attempts to bill customers and insurers, according to court filings.
Furthermore, the ransomware attack on UnitedHealth Group’s Change Healthcare, a major payor for Petersen, further exacerbated Petersen’s financial difficulties.
In the fallout of the two ransomware attacks, Petersen missed payments on $45 million of HUD loans, causing lenders to place 19 of its locations into receivership. Petersen has worked to transition those locations to the receiver’s control but has struggled to keep up with “demand-after-demand from the receiver” while also working to address its larger debt issues, further disrupting the company’s operations, compounding its financial woes.
Steve Hahn, Executive VP, BullWall:
“This is the first of many to come. Blackcat (AlphV), the largest player in the Ransomware space, has specifically said they will focus most of their attention on US Healthcare organizations as a result of the FBI lead attack on Blackcat’s infrastructure. The FBI claimed they “took down” Blackcat but within 24 hours Blackcat proved otherwise. Continuing attacks and saying specifically that US healthcare would be targeted more as a result. Considering this group is Russia based, there are economic principals at play here as this group has likely pulled in close to a billion dollars in Ransom in 2023, but it is also geo-political as many members of Blackcat have ties to former KGB bosses running the criminal underground and Putin was the head of the KGB. We believe he provides them cover in exchange for targeting the sectors Putin wants targeted.
“Their attacks have been financially ruinous to many. United Healthcare recently paid 22 million to this group to decrypt their data after being hit with Ransomware, but that’s peanuts compared to the billions in lost prescription refills caused by the attack. Truly, the impacts of this will likely be over $5 billion dollars when the dust settles. Attacks on hospitals, such as the Lehigh Valley Health Network not only encrypted data but the threat actor extorted the hospital for millions more, threatening to release hundreds of photos of breast cancer patients in states of undress. They trickled these out in batches as they demanded payment. It’s not certain how much they paid to the threat actor group, but the lawsuits will be ruinous to that health network as a result.
“Healthcare networks are easy targets. Massive numbers of IOT devices, doctors accessing systems with personal devices, thousands of connected providers and a sprawling attack surface make them sitting ducks. On top of that they have to pay to get their systems up and running or there will be loss of life.
“Another group of hospitals was recently hit in the Northeast and had to suspend operations as they transferred patients to other providers. It’s unknowable how many people have lost their life in 2023 because of these attacks but we know healthcare will continue to be the top target, that healthcare services will be impacted and the financial strain on these systems will cost hundreds of billions for our economy. Exactly what Russia wants.
“For healthcare, it’s not a matter of “if” it’s a matter of “when”. And they need backup plans, recovery plans and rapid containment plans to limit the effects. They can’t stop these, but they can minimize their impact.”
Getting pwned has a cost to it. And that cost could be anything from expensive to terminal for a business. This is why every organization needs to wrap their heads around prevention and mitigation as a strategy to avoid finding out what the cost of getting pwned is for them.
Like this:
Like Loading...
Related
This entry was posted on March 25, 2024 at 12:02 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Nursing Home Provider Files For Bankruptcy After Getting Pwned Twice
Last week, Illinois-based Petersen Health Care, known for its extensive network of nursing homes across the US, has filed for bankruptcy following the impacts of two cyberattacks on its systems and defaults on its loans.
Petersen Health Care operates over 90 nursing homes with nearly 4,000 employees and a capacity to accommodate 6,796 residents with services ranging from assisted living to hospice care in Illinois, Missouri, and Iowa. While the company had more than $339 million in revenue last year its debts were more than $295 million.
In October 2023, a cyberattack claimed by the Cactus ransomware gang compromised the company’s network and led to the exposure of sensitive information.
Petersen had attempted to restructure its debt, but the cyberattack forced the company to replace its servers, email addresses, and software and consequently caused the company to lose a significant amount of its business records resulting in an “incredible difficulty and delay” in its attempts to bill customers and insurers, according to court filings.
Furthermore, the ransomware attack on UnitedHealth Group’s Change Healthcare, a major payor for Petersen, further exacerbated Petersen’s financial difficulties.
In the fallout of the two ransomware attacks, Petersen missed payments on $45 million of HUD loans, causing lenders to place 19 of its locations into receivership. Petersen has worked to transition those locations to the receiver’s control but has struggled to keep up with “demand-after-demand from the receiver” while also working to address its larger debt issues, further disrupting the company’s operations, compounding its financial woes.
Steve Hahn, Executive VP, BullWall:
“This is the first of many to come. Blackcat (AlphV), the largest player in the Ransomware space, has specifically said they will focus most of their attention on US Healthcare organizations as a result of the FBI lead attack on Blackcat’s infrastructure. The FBI claimed they “took down” Blackcat but within 24 hours Blackcat proved otherwise. Continuing attacks and saying specifically that US healthcare would be targeted more as a result. Considering this group is Russia based, there are economic principals at play here as this group has likely pulled in close to a billion dollars in Ransom in 2023, but it is also geo-political as many members of Blackcat have ties to former KGB bosses running the criminal underground and Putin was the head of the KGB. We believe he provides them cover in exchange for targeting the sectors Putin wants targeted.
“Their attacks have been financially ruinous to many. United Healthcare recently paid 22 million to this group to decrypt their data after being hit with Ransomware, but that’s peanuts compared to the billions in lost prescription refills caused by the attack. Truly, the impacts of this will likely be over $5 billion dollars when the dust settles. Attacks on hospitals, such as the Lehigh Valley Health Network not only encrypted data but the threat actor extorted the hospital for millions more, threatening to release hundreds of photos of breast cancer patients in states of undress. They trickled these out in batches as they demanded payment. It’s not certain how much they paid to the threat actor group, but the lawsuits will be ruinous to that health network as a result.
“Healthcare networks are easy targets. Massive numbers of IOT devices, doctors accessing systems with personal devices, thousands of connected providers and a sprawling attack surface make them sitting ducks. On top of that they have to pay to get their systems up and running or there will be loss of life.
“Another group of hospitals was recently hit in the Northeast and had to suspend operations as they transferred patients to other providers. It’s unknowable how many people have lost their life in 2023 because of these attacks but we know healthcare will continue to be the top target, that healthcare services will be impacted and the financial strain on these systems will cost hundreds of billions for our economy. Exactly what Russia wants.
“For healthcare, it’s not a matter of “if” it’s a matter of “when”. And they need backup plans, recovery plans and rapid containment plans to limit the effects. They can’t stop these, but they can minimize their impact.”
Getting pwned has a cost to it. And that cost could be anything from expensive to terminal for a business. This is why every organization needs to wrap their heads around prevention and mitigation as a strategy to avoid finding out what the cost of getting pwned is for them.
Share this:
Like this:
Related
This entry was posted on March 25, 2024 at 12:02 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.