Omni Family Health, a California-based nonprofit healthcare services organization, is notifying 468,344 individuals that their personal information was compromised in a data breach resulting from a cyberattack that occurred earlier this year.
The organization discovered the security breach on August 7, 2024, following claims that information was taken from its systems and leaked on the dark web. Their investigation revealed that the data posted was that of Omni’s current and former patients and employees.
Data exposed may have included:
- Names
- Addresses
- SSNs
- DOBs
- Health insurance details
- Medical information
The Hunters International ransomware gang claimed to have stolen 2.7 terabytes of data and listed the organization on its Tor leak site, releasing the stolen information on August 23.
Steve Hahn, EVP Sales US, BullWall has this to say
“As we start to wind down 2024 it has become abundantly clear that Healthcare is the primary (successful) target of these Ransomware gangs. This has been far and away their most profitable year targeting these organizations. Causing 10’s of billions of dollars in impact.
“Healthcare has an enormous attack surface, including personal devices and IoT, that give the threat actors nearly unlimited initial compromise points. They also have the most valuable data. The data that Omni Health is claiming was compromised could be used for 100s of nefarious purposes, such as blackmailing patients of high net worth directly, threatening to release damaging health records such as STI or mental health medication that could be ruinous to the careers of family lives of those patients. In other breaches they even released pictures of female breast cancer patients in a state of undress at what had to have been that patients most fragile state. These threat actors are largely Russia based and have shown there is no low they won’t sink to. These Ransomware Gangs are also likely to sell of the information of patients and the medications they take to buyers on the dark web. This would allow people to impersonate patients and refill their medications, particularly ones with high black market worth. The go-to play book here is to offer customers and patients of Ransomed companies “free credit monitoring”. In this case, an utterly worthless olive branch. In nearly every healthcare breach the lawsuits that ensue far eclipse the ransom payment.”
Once again I am writing a story on healthcare getting pwned. It should be abundantly clear by now that steps need to be taken by this sector to stop the madness. Because as it stands right now, threat actors are having a field day at our expense.
Related
This entry was posted on October 21, 2024 at 1:48 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Omni Family Health Pwned In Cyberattack
Omni Family Health, a California-based nonprofit healthcare services organization, is notifying 468,344 individuals that their personal information was compromised in a data breach resulting from a cyberattack that occurred earlier this year.
The organization discovered the security breach on August 7, 2024, following claims that information was taken from its systems and leaked on the dark web. Their investigation revealed that the data posted was that of Omni’s current and former patients and employees.
Data exposed may have included:
The Hunters International ransomware gang claimed to have stolen 2.7 terabytes of data and listed the organization on its Tor leak site, releasing the stolen information on August 23.
Steve Hahn, EVP Sales US, BullWall has this to say
“As we start to wind down 2024 it has become abundantly clear that Healthcare is the primary (successful) target of these Ransomware gangs. This has been far and away their most profitable year targeting these organizations. Causing 10’s of billions of dollars in impact.
“Healthcare has an enormous attack surface, including personal devices and IoT, that give the threat actors nearly unlimited initial compromise points. They also have the most valuable data. The data that Omni Health is claiming was compromised could be used for 100s of nefarious purposes, such as blackmailing patients of high net worth directly, threatening to release damaging health records such as STI or mental health medication that could be ruinous to the careers of family lives of those patients. In other breaches they even released pictures of female breast cancer patients in a state of undress at what had to have been that patients most fragile state. These threat actors are largely Russia based and have shown there is no low they won’t sink to. These Ransomware Gangs are also likely to sell of the information of patients and the medications they take to buyers on the dark web. This would allow people to impersonate patients and refill their medications, particularly ones with high black market worth. The go-to play book here is to offer customers and patients of Ransomed companies “free credit monitoring”. In this case, an utterly worthless olive branch. In nearly every healthcare breach the lawsuits that ensue far eclipse the ransom payment.”
Once again I am writing a story on healthcare getting pwned. It should be abundantly clear by now that steps need to be taken by this sector to stop the madness. Because as it stands right now, threat actors are having a field day at our expense.
Share this:
Like this:
Related
This entry was posted on October 21, 2024 at 1:48 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.