An Indiana neurology practice is notifying nearly 363,000 individuals that their sensitive information was compromised in a recent ransomware attack – and that some of their data was posted on the dark web.
The practice does not identify the ransomware group or data leak site, but Russian ransomware group Hive – which was the subject of a recent federal advisory to the healthcare sector – is implicated in the attack. Hive has been aggressively targeting the U.S. healthcare sector.
Nerve and gray matter specialists Goodman Campbell Brain and Spine, in a data breach report to Maine’s attorney general on July 19, says a “sophisticated” ransomware attack, which affected its computer network and communications system – including email and phones – resulted in a compromise to patient and employee information.
The practice says that after discovering the attack on May 20, it immediately took steps to secure its systems and engaged a forensic analysis and incident response firm. Goodman Campbell says it also notified the FBI.
An investigation into the incident subsequently determined that an unauthorized third party had acquired information from the practice’s systems, the organization says.
