The Hive ransomware gang recently leaked 550 GB of stolen data from Consulate Health Care, including Personally Identifiable Information (PII) from customers and employees.
The attack, by a ransomware gang called Hive, is said to have taken place in early December, though it was not announced until January 6, 2023.
Hive said it had stolen 550 GB of data from Consulate Health Care (CHC), a leading provider of senior healthcare services specializing in post-acute care. The gang has threatened to publish the stolen data on its leak site. Initially, Hive released samples of the leak as proof. Along with highly classified customer and employee information like phone numbers, emails, credit card numbers, and insurance, Hive is said to have stolen contracts, NDAs, and other agreement documents, private company info, and employee social security numbers. Though not all of those data types could be confirmed in the partial data leak, reports confirm that Hive had stolen much of CHC's data.
According to the Consulate Health Care website, a security breach was reported by one of the victims of the attack. The notice states:
“One of our vendors recently suffered a security incident in early December where cybercriminals targeted portions of their network. Our vendor promptly began working with third-party experts to help them investigate and respond to the incident. During that investigation, the vendor became aware that the unauthorized third party may have accessed records with personal information,” reads the Notice of Incident published by Consulate Health Care. “Although our vendor is still investigating the scope of that access, we are providing this notice out of an abundance of caution and because we value transparency.”
Consulate Health Care ended negotiations with Hive after several weeks because it could not afford the reduced amount demanded by the attackers. According to DataBreaches, the company’s insurance said it would not cover any ransom payments.
Dominic Alvieri, cybersecurity analyst and security researcher, is said to be the first to notice the attack. He shared his findings on Twitter, also confirming the failed agreement.
Cyberattacks on healthcare organizations are becoming a major financial issue as health systems struggle to cover the costs. As of March 2022, healthcare data breaches cost organizations an average of over 10 million dollars, according to IBM Security's annual Cost of a Data Breach Report. The IBM report has also shown that over the past 12 years, healthcare firms have suffered the most financial losses due to data breaches.
Hive representatives told DataBreaches that they "did not attack any CHC vendor but had attacked CHC directly," contradicting CHC's notification that an attack against a vendor caused the data breach.