A ransomware attack was reported by the Professional Finance Company Inc. (PFC) in late February which resulted in a massive data breach affecting over 650 healthcare organizations.
What all was exposed?
PFC has provided a PDF file containing the names of 657 healthcare entities impacted due the Quantum attack.
An investigation revealed that the attackers accessed files containing personal information.
Exposed personal information included patients' first and last names, addresses, accounts receivable balance, and payments made to accounts.
Some of the files also contained dates of birth, social security numbers (SSNs), and health insurance and medical treatment information.
Cybersecurity experts claimed that the members of the Quantum ransomware gang were behind the February attack. However, PFC hasn't officially admitted or confirmed.
The MountLocker ransomware operation, which was initially used in operations beginning in September 2020, was rebranded as Quantum ransomware.
After Conti shut down in June 2021, some members of the Conti cybercrime syndicate joined the ranks of the Quantum operation. This rebranding is just a component of Conti's new operating method, wherein its members have either compromised other ransomware operations or taken over control of them.
Attacks on healthcare organizations are on the rise. Healthcare firms had a dramatic 94 percent increase in ransomware attacks in 2021, according to Sophos. Also, the sector witnessed the second-highest attack recovery cost of $1.85 million across all sectors.
Incessant attacks continue to expose patients' private information and financial data and put the industry in danger of suffering significant losses.