Consulate Health Care suffers Hive ransomware attack

Ransomware gang Hive gained access to senior healthcare service provider Consulate Health Care (CHC) in early December and obtained 550 GB of data. CHC announced the ransomware attack on Jan. 6, 2023, the same day that Hive released some of their acquired information on their leak site. This is just the latest in an ongoing string of cybersecurity breaches involving healthcare data.

After failed ransom negotiations, Hive leaked all 550 GB of Consulate Health Care patient and employee data. Information includes phone numbers, email, credit card number, and insurance, as well as company contracts, NDAs, and employee Social Security numbers.

CHC said in their notice, “One of our vendors recently suffered a security incident in early December where cybercriminals targeted portions of their network. Our vendor promptly began working with third-party experts to help them investigate and respond to the incident,” and later, “We are in regular touch with our vendor, and we are closely monitoring the investigation. We understand that they are working to finish the investigation as quickly as they can.”

The FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) issued a joint statement to warn industries about the Hive ransomware attack threat that continues to target the healthcare industry.

Related story: 5 tips for preventing healthcare system cyberattacks

Texas insurance provider Bay Bridge Administrators, LLC victim of cyberattack

Bay Bridge Administrators (BBA) has suffered a data breach that has compromised the personal information of over 250,000 people enrolled in employment insurance benefits administered by the company.

BBA began investigating a potential cybersecurity threat on Sept. 5, 2022, after experiencing a network disruption, and later confirmed that an unknown actor had accessed its network and obtained data. The compromised information includes names, Social Security numbers, dates of birth, medical information, and health insurance information.

BBA sent notice to victims in late December and is offering 24 months of free credit reporting and identity protection services to affected individuals.

Colonoscopy product provider compromises three years of data

Captify Health recently notified patients of a three-year data breach of its online portal site named Your Patient Advisory. Captify Health is an online retailer that provides colonoscopy preparation products to patients and collects health and payment information.

Captify Health was notified they might be the source of a potential data breach, after multiple credit card fraud investigations led back to them. In March 2021, they began an internal investigation that concluded malicious code was entered into their system, sending sensitive information to an unknown server. The investigation also revealed the initial breach lasted from May 26, 2019 to April 20, 2021. In that time, 244,296 patients’ information had been stolen. The investigation concluded on Oct. 13, 2022, and letters were sent to affected clients on Dec. 16, 2022.

In their letter they claim, “Out of an abundance of caution, we have taken steps to ensure our platform is safe and secure for all purchases.”

Related story: How to respond to a health system cyberattack

CentraState bounces back after ransomware attack

CentraState Healthcare System in New Jersey is still trying to recover from a cyberattack that occurred on Dec. 30, causing them to divert ambulances, delay care, and revert to paper record-keeping. According to a January 10th update, emergency services have been restored, but some lab locations are still experiencing IT issues. What caused the IT security issue remains unclear, but it’s suspected to be a ransomware attack.

Their advisory states, “CentraState is continuing to make progress restoring services and our emergency department continues to function at full capacity. Our high standards of patient care remain in place as we continue to see those scheduled for inpatient and outpatient procedures.”