CT hospitals patient data at risk in monthlong cyber attack

pThis is a carousel Use Next and Previous buttons to navigateppRockville General Hospital on Friday August 4 2023 in ManchesterppA sign at ECHN Diagnostics blood draw center on Hartford Turnpike in Vernon directs patients to visit the Quest Diagnostics office after a cyberattack last week caused some of ECHNs facilities to shut their doorsppManchester Memorial Hospital on Friday August 4 2023 in ManchesterppRockville General Hospital on Friday August 4 2023 in ManchesterppThe ECHN Tolland Imaging Center on Monday August 7 2023 in TollandppEvergreen Imaging on Tamarack Ave is shutdown because of the cyber attack on ThursdayppProspect Medical Holdings is confirming new details about a massive data theft from three Connecticut hospitals and others around the country in a nearly monthold cyber attack by a shadowy worldwide extortion group known as RhysidappIn a written statement Prospect verified the attack has knocked computer systems offline and for the first time confirmed some information has been obtained by the hackers The federal Department of Health and Human Services has verified the cyber attackers as Rhysida and warns that the group has proven itself to be a significant threat to organizations worldwideppThis is a serious risk for health care organizations due to the amount of patient data that is shared over the connected network daily HHS said in an Aug 16 memoppProspect Medical Holdings officials have not publicly confirmed the extortion threats by Rhysida in the wake of the cyberattack that is disrupting Waterbury Hospital and the Eastern Connecticut Health Network which operates Manchester and Rockville General HospitalsppThe FBI and the state Department of Public Health is investigating the cyber attack in addition to the hospital chains internal probe of the breach The attack has disrupted or halted numerous hospital services as computer systems remain downppProspect said this week that we have now become aware that Prospect Medical data was taken by unauthorized actors the nature of which is being actively examined company officials said in the statement If the investigation determines that any protected health or personal information is involved we will provide the appropriate notifications in accordance with applicable laws Because our investigation is ongoing we do not have additional information to share at this time We are taking all appropriate measures to address this incidentppWe activated our incident response protocols which included shutting down and securing our systems and commencing an investigation and analysis A forensic investigation firm has been engaged to assist Prospect Medical in examining the incident We also notified and are working with law enforcement authorities Prospect officials saidppProspect operates 16 hospitals in California Connecticut Pennsylvania and Rhode Island as well as 166 outpatient clinics and centers The cyber attack on all of the companys operations is believed to have started on Aug 3 The company is based in CaliforniappFederal investigators say that Rhysida after first surfacing this past May follows a clear path after breaching computer systems and obtaining confidential data through phishing attacks threatening victims with ransom notes and demanding Bitcoin in paymentppIt is crucial for organizations to take proactive measures to protect their systems and data the federal Heath Sector Cybersecurity Coordination Center warned in a sector alert sent out across the country on Aug 4 the day after the attack on Connecticut hospitalsppThis group threatens to publicly distribute the exfiltrated data if the ransom is not paid the federal agency said Its victims are distributed throughout several countries across Western Europe North and South America and Australia ppThe attack comes as Yale New Haven Health is in the process of purchasing ECHN for 435 million The deal would include Waterbury Hospital Manchester Memorial and Rockville General HospitalsppDue to the sensitivity of this incident and law enforcement involvement we are unable to provide any additional information at this point Prospect officials saidppHHS investigators said that Rhysida attacks education government manufacturing and technology companies but that there have been recent attacks against the health care and public health sectorppCybersecurity experts have said that health care systems are a growing target because of the delicate nature of their work and the urgency of getting their computer systems fully operational in the event of a hackppThe FBI did not respond to a request for comment p