LockBit hits Chicago hospital

The ransomware gang LockBit says they won’t interfere with patient care, but will leak patient data if they don’t receive $900k.

By admin

Feb 2, 2024, 4:13 PM

Ransomware gang LockBit has targeted Saint Anthony Hospital in Chicago, demanding $900k in 48 hours or else patient records will be leaked to the dark web, The Record reported on Jan. 31.

Saint Anthony announced the cybersecurity incident on Jan. 29, stating that they first discovered unauthorized access on Dec. 18, 2023. The investigation concluded on Jan. 7, 2024 and found that an unknown actor had made copies of files containing patient information on Dec. 18.

“We took immediate action to secure the network, ensure that patient care was not disrupted and investigate to determine the nature and scope of the activity with assistance from leading cybersecurity specialists,” the hospital said in their statement.

They are advising patients to be on guard for incidents of identity theft. Two solutions they suggest is to put a fraud alert on their credit file or place a credit freeze on their credit report.

The payment deadline is Feb. 2 at 7:41 PM CST. A payment of $1,000 would give the hospital 24 more hours, reports The Register.

Saint Anthony reports they are currently working with the FBI and the U.S. Department of Health and Human Services (HHS).

LockBit ransomware gang strikes again

LockBit is considered the most active cybergang, taking responsibility for approximately 28% of reported ransomware activity, according to cybersecurity firm Flashpoint. They view themselves as the “Robin Hood” of cybergangs, says cybersecurity group BlackBerry.

Late last year, LockBit provided a decryption code for free to SickKids Hospital in Canada, who the cyber criminals claim was attacked by a LockBit affiliate who violated their code of conduct. They also issued a formal apology.

Earlier this month, LockBit claimed a cybersecurity incident at Trenton, New Jersey-based Capital Health.

“We purposely didn’t encrypt this hospital so as not to interfere with patient care,” the cybergang wrote of the attack. They estimated the value of the stolen files at $250,000.

LockBit posted information about Saint Anthony Hospital to its leak site on the dark web with the note, “Always US Hospitals put their greedy interest over those of their patients and clients.”

The U.S. healthcare system is a top target of LockBit and hospitals are considered “easy targets,” according to data from HHS.