In a shocking revelation, Singing River Health System, a prominent healthcare provider in Mississippi, is reeling from a malicious ransomware attack, affecting nearly 253,000 individuals. The cybercriminal group Rhysida, notorious for healthcare sector attacks, claimed responsibility for the assault, plunging Singing River’s IT systems into chaos last summer. The fallout included disruptions to patient services, such as laboratory and radiology testing, with the Epic electronic medical record system temporarily offline.
Mississippi Health System Breach Details
Singing River Health System disclosed to the Maine attorney general’s office that the breach, discovered on Aug. 19, 2023, involved unauthorized access within its IT environment between Aug. 16 and Aug. 18. Sensitive information, including patient names, birthdates, addresses, Social Security numbers, and medical data, may have been compromised. Although there’s no evidence of identity theft or fraud, the organization is offering affected individuals 12 months of complimentary identity and credit monitoring.
The Health Sector Cybersecurity Coordination Center issued a warning in August, highlighting Rhysida’s escalating attacks on the healthcare sector. The dark web monitoring site, DarkFeed.io, reported 76 total Rhysida victims, emphasizing the urgency of cybersecurity measures in the face of evolving ransomware tactics.
Disturbingly, the initial estimate reported to federal regulators suggested only 501 people were affected, a misleading placeholder figure. Security experts criticize such low-ball estimates, urging regulatory agencies to update figures promptly to provide accurate information to the public. Mike Hamilton, co-founder and CISO of Critical Insight, emphasizes the need for transparent reporting, considering the vast number of records compromised in recent breaches.
Singing River Health System reassures the public of its commitment to implementing additional safeguards and employee training to prevent future incidents. However, questions linger about the adequacy of current cybersecurity measures.
Tura Scandinavia AB Faces Repeat Cyberattack
In a parallel development, Tura Scandinavia AB, a company with a history of cybersecurity challenges, encountered another cyberattack. The LockBit ransomware group claimed responsibility, posting claims of intrusion on the dark web. The group escalated the situation by offering access to Tura Scandinavia AB’s corporate network, boasting possession of login credentials and passwords for internal and external services.
Scandinavian Company’s Cybersecurity Woes
The alleged success of the cyberattack is attributed to vulnerabilities in Tura Scandinavia’s corporate network, where a lack of fundamental security measures facilitated unauthorized access. The company’s refusal to address these issues and meet the ransom demands led to the sale of access to its compromised network. Law enforcement was notified, reflecting the severity of the situation.
As The Cyber Express closely monitors the unfolding situation, questions arise about the similarities between the recent attack and a previous incident. The history of cybercrimes against Tura Scandinavia AB raises concerns about the effectiveness of their cybersecurity efforts.
In a world increasingly plagued by ransomware threats, the dual incidents underscore the critical need for robust cybersecurity practices across healthcare and corporate sectors.
Thanks & Regards;Ashwini Kamble