Capital Health faces a cybersecurity crisis with LockBit ransomware, stealing 10 million files. The gang demands a $250,000 ransom, highlighting growing threats to healthcare data security.
In a recent development, Capital Health has fallen prey to a severe cyberattack, leading to network disruptions. The organization took swift action, launching an immediate investigation, notifying law enforcement, and initiating the restoration process.
As of now, the healthcare provider assures that all services are fully operational, systems have been restored, and normal operations have resumed, as stated in their incident notification.
Forensic Investigation and Data Impact
Capital Health is actively collaborating with a forensics firm to assess the impact on patient and employee data. However, specific details regarding the nature of the cyberattack remain undisclosed. Notably, file-encrypting malware was not deployed on the systems, according to official statements.
The LockBit ransomware gang, claiming responsibility, asserts that their attack solely involved data exfiltration. Interestingly, the gang refrained from encrypting the hospital systems, emphasizing a deliberate decision to avoid disruption to patient care.
Data Exfiltration and Ransom Demand
- The LockBit group claims to have stolen over 10 million files from Capital Health, including sensitive medical confidentiality data.
- The cybercriminals specifically targeted the Capital Health Regional Medical Center, based in Trenton, New Jersey.
- On January 7, the LockBit group added Capital Health to its leak site, threatening to release the allegedly stolen information unless a ransom of $250,000 is paid.
Escalation of Healthcare Data Breaches
This incident adds to the rising concern of data breaches in the healthcare sector, following a trend in 2023. Several healthcare providers and their partners in the US reported impactful breaches, affecting tens of millions of individuals.
Noteworthy Breaches in 2023
- EasyPark Data Breach
- MongoDB Breached
- Samsung Notifies UK Customers
- Breach Paralyzes Key Australian Ports
These incidents underscore the urgent need for enhanced cybersecurity measures within the healthcare industry to safeguard sensitive patient information.