The Ann & Robert H. Lurie Children’s Hospital of Chicago has recently disclosed the repercussions of a significant data breach that occurred in January. This cyberattack, orchestrated by the Rhysida ransomware group, compromised a substantial amount of sensitive health information. The hospital has reported that nearly 800,000 individuals were affected by the breach.
In response to the attack, the hospital had to take critical systems offline to prevent further damage, which severely hindered its ability to access medical records, communicate effectively with patients and staff, and forced parents to seek alternative medical providers for their children’s healthcare needs.
Regulatory filings this week in Texas, Maine, and California revealed that the attack exposed information such as names, addresses, Social Security numbers, medical records, and treatment details.
Lurie Children’s Hospital refused to pay the ransom demanded by the attackers. Instead, it has collaborated with cybersecurity experts and law enforcement to investigate the breach and attempt data recovery. Affected individuals have also been provided with two years of free identity protection services to mitigate the risk of identity theft resulting from the breach.
Why It Matters: This breach is the latest in a concerning trend of cyberattacks targeting healthcare institutions, which store vast amounts of sensitive data. Earlier this year, United Healthcare and Ascension Healthcare also experienced significant cyberattacks, resulting in extensive information exposure and operational disruptions for patients seeking medical treatment. Cybercriminals have increasingly targeted healthcare organizations, making stringent security protocols an essential priority in order to protect patient information and maintain operational integrity.
- Extent of Data Compromise: Nearly 800,000 individuals had their personal and health information exposed during the ransomware attack by the Rhysida Ransomware Group on the Lurie Children’s Hospital between January 26 to January 31, 2024. The compromised data included names, addresses, dates of birth, Social Security numbers, medical records, and treatment details.
- Rhysida Ransomware Group: Rhysida, a relatively new cybercriminal organization, has targeted various sectors, including healthcare, education, government, and manufacturing. Notable victims include the British Library and the Chilean Army. The group’s attacks often involve double extortion tactics, where they threaten to publish stolen data if the ransom is not paid.
- Law Enforcement Collaboration: Despite refusing to pay the ransom, the hospital is working closely with law enforcement agencies to retrieve stolen data and prevent further unauthorized use of the compromised information. They have offered victims two years of free credit monitoring and identity protection services.
Go Deeper -> Chicago Children’s Hospital says Nearly 800,000 Affected by January Ransomware Attack
Chicago Children’s Hospital Says 791,000 Impacted by Ransomware Attack – Security Week
Hundreds of Thousands Impacted in Children’s Hospital Cyberattack – Dark Reading