The Rhysida ransomware gang has claimed the cyberattack on Lurie Youngsters’s Hospital in Chicago initially of the month.
Lurie is a number one pediatric acute care establishment within the U.S. that gives care to over 200,000 kids yearly.
The cyberattack compelled the healthcare supplier to take its IT programs offline and postpone medical care in some instances.
E-mail, cellphone, entry to MyChart, and on-premises web have been all impacted.
Ultrasound and CT scan outcomes have been rendered unavailable, affected person service prioritization programs have been taken down, and docs have been compelled to modify to pen and paper for prescriptions.
Right this moment, the Rhysida ransomware gang has listed Lurie Youngsters’s on its extortion portal on the darkish net, claiming to have stolen 600 GB of knowledge from the hospital.
Rhysida ransomware now presents to promote the stolen knowledge for 60 BTC ($3,700,000) to a single purchaser.
The deadline was set to seven days, after which the information will both be bought to a number of menace actors at a cheaper price or leaked free of charge on Rhysida’s platform.
Lurie Youngsters’s nonetheless impaired
As per the newest standing replace from Lurie Youngsters’s on February 22, 2024, effort to revive the IT system is ongoing, and repair disruptions nonetheless impression some operational segments.
Mother and father are suggested to carry a print of their insurance coverage card to their appointments together with their kids’s treatment bottles, because the well being information system that logs this knowledge is seemingly nonetheless offline.
MyChart stays unavailable, and wait instances are longer than common as prescription preparation remains to be finished by hand.
Some procedures and appointments could also be canceled and rescheduled as issues are moved round to accommodate pressing care instances.
Because the fee programs are additionally impacted, the timeframe for protecting medical payments has been prolonged for so long as the outage lasts. Additionally, the hospital at the moment doesn’t cost no-show charges for appointments.
The Rhysida ransomware gang has had a misstep lately when Korean researchers printed the complete particulars of a flaw of their encryptor which might be leveraged for decrypting information with out paying a ransom.
Judging from the prolonged disruption at Lurie Youngsters’s, the decryptor that regulation enforcement used for a lot of months privately might not work within the menace group’s most up-to-date assaults.
Moreover, ought to Rhysida’s claims of knowledge exfiltration show correct, it signifies that the delicate medical info of a lot of kids has been irreversibly compromised by cybercriminals.