Another major US hospital hacked, data on 1.4 million patients leaked

Image Credit: Pixabay (Image credit: Image Credit: Pixabay)

The Tech University Health Sciences Center in Texas and El Paso confirmed suffering a cyberattack
Data on 1.4 million people were exfiltrated in the attack
A threat actor named Interlock claimed responsibility for the attack

Another major US hospital has suffered a cyberattack recently, and as a result, lost sensitive data on more than a million patients.

In an announcement published on its website, the Texas Tech University Health Sciences Center, and Texas Tech University Health Sciences Center El Paso (HSCs), confirmed suffering a “temporary disruption to some computer systems and applications.”

Subsequent investigation confirmed that the disruption was the result of a ransomware attack, in which “certain files and folders” were removed from the HSCs’ network. The attack allegedly happened on September 17, and was discovered more than a week later, on September 29.

Another hospital attacked

In the notice, it did not say how many people were affected, or who the attackers were, but in a separate filing with the U.S. Department of Health and Human Services Office for Civil Rights, it said the number was 1,465,000.

HSCs concluded that crooks stole sensitive data such as people’s names, date of birth, address, Social Security number, driver’s license number, government-issued identification number, financial account information, health insurance information and medical information, including medical records numbers, billing/claims data and diagnosis and treatment information.

The threat actor behind this attack is called Interlock, and appears to be a relatively new ransomware operation, which targets high-profile organizations and demands hundreds of thousands of dollars in ransom. The group recently added HSCs’ data to its leak website, where it showcased 2.1 million files, totaling 2.6 terabytes.

To combat the attack, HSCs are currently reviewing existing security policies and procedures, and are implementing additional safeguards to enhance system protection and monitoring, it was said in the announcement. Out of an abundance of caution, HSCs added, affected individuals are offered complimentary credit monitoring services, free of charge.

Via BleepingComputer

Healthcare organizations are having to pay millions to solve ransomware attacks
Here's a list of the best antivirus
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.