PruittHealth notifies 5217 people of data breach that leaked SSNs medical records and more Comparitech
p
ppSoutheast US medical provider PruittHealth over the weekend notified 5217 people about a November 2023 data breach that compromised Social Security numbers financial data and health informationppRansomware group NoEscape claimed responsibility for the attack at the time It posted a sample of allegedly stolen documents on its website and says it stole 15 TB of data in total PruittHealth has not confirmed NoEscapes claimppPruittHealths notification states On December 7 2023 the hackers claimed to have published the files that they allegedly copied on their blog site However before PruittHealths forensic specialists could access the files the hackers claim to have published the hackers blog site was taken down and any files that they claimed to have published were no longer accessible As a result PruittHealth is not able to confirm whether your information is exposedppThe compromised data includes names dates of birth government ID numbers demographic info contact info addresses financial information Social Security numbers bank account numbers health insurance information and health information The notification specifically cites HIPAA which implies private medical records were compromisedppThe post on NoEscapes leak site published November 17 2023 reads The companys management is well aware of this incident but continues to remain silent for the 5th day If you guys continue to remain silent and do not contact us we promise to start launching new attacks and eventually we will publish all 15TB of data hereppWe do not yet know whether PruittHealth paid the ransom how much it was how attackers breached its network or why it took so long to notify victims Comparitech contacted PruittHealth for comment and will update this article if it respondsppComparitech recommends PruittHealth patients and employees monitor their credit reports bank statements and medical bills for suspicious activity The notification does not state whether PruittHealth will offer victims free identity theft protection or credit monitoring a common practice for breaches of this severity Instead it advises victims to set up their own fraud alerts and credit freezes and report identity theft to the FTCppNoEscape is a ransomware gang that first emerged in May 2023 It operates a ransomwareasaservice business model in which clients pay NoEscape a portion of proceeds to use the malware and get support It also employs DDoS attacks to disrupt target operations and coerce victims into paying ransomsppComparitech has recorded 28 confirmed ransomware attacks by NoEscape since it surfaced Its other recent victims include Southeastern Orthopaedic Specialists Kwik Inudstries and OE Federal Credit UnionppIts targets mostly span North America and Europe and notably not Russia or other former Soviet Union countries that are now part of the Commonwealth of Independent States CIS Targeted industries include professional services manufacturing healthcare construction and educationppNoEscape often extorts victims twice once for a decryption key to restore systems and again in exchange for not selling or publicly releasing stolen datappHospitals clinics and other healthcarerelated organizations are frequent targets for ransomware attacks Ransomware can disrupt key systems used for payment making appointments storing patient information and more Hospitals and clinics might be forced to cancel appointments and divert patients elsewhere or resort to pen and paper until systems are restoredppSince 2018 weve recorded 538 confirmed attacks on US healthcare organizations affecting almost 69 million records 20 of those attacks were reported in 2024ppOther recent ransomware attacks against US healthcare organizations include the Victoria Eye and Surgery Centers Singing River Health System and BAMSIppPruittHealth is a longterm healthcare provider with more than 180 locations in Georgia Florida North Carolina and South Carolina It specializes in senior living inhome healthcare poseacute care hospice care and skilled nursing care Its been in business for more than 50 years PruittHealth employs more than 13000 staff and serves 24000 patients every dayppCommentppName ppEmail pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime ppThis site uses Akismet to reduce spam Learn how your comment data is processedppcomparitechfrontenddatatranslationscommentssubmittedpublishedafterapprovalp
ppSoutheast US medical provider PruittHealth over the weekend notified 5217 people about a November 2023 data breach that compromised Social Security numbers financial data and health informationppRansomware group NoEscape claimed responsibility for the attack at the time It posted a sample of allegedly stolen documents on its website and says it stole 15 TB of data in total PruittHealth has not confirmed NoEscapes claimppPruittHealths notification states On December 7 2023 the hackers claimed to have published the files that they allegedly copied on their blog site However before PruittHealths forensic specialists could access the files the hackers claim to have published the hackers blog site was taken down and any files that they claimed to have published were no longer accessible As a result PruittHealth is not able to confirm whether your information is exposedppThe compromised data includes names dates of birth government ID numbers demographic info contact info addresses financial information Social Security numbers bank account numbers health insurance information and health information The notification specifically cites HIPAA which implies private medical records were compromisedppThe post on NoEscapes leak site published November 17 2023 reads The companys management is well aware of this incident but continues to remain silent for the 5th day If you guys continue to remain silent and do not contact us we promise to start launching new attacks and eventually we will publish all 15TB of data hereppWe do not yet know whether PruittHealth paid the ransom how much it was how attackers breached its network or why it took so long to notify victims Comparitech contacted PruittHealth for comment and will update this article if it respondsppComparitech recommends PruittHealth patients and employees monitor their credit reports bank statements and medical bills for suspicious activity The notification does not state whether PruittHealth will offer victims free identity theft protection or credit monitoring a common practice for breaches of this severity Instead it advises victims to set up their own fraud alerts and credit freezes and report identity theft to the FTCppNoEscape is a ransomware gang that first emerged in May 2023 It operates a ransomwareasaservice business model in which clients pay NoEscape a portion of proceeds to use the malware and get support It also employs DDoS attacks to disrupt target operations and coerce victims into paying ransomsppComparitech has recorded 28 confirmed ransomware attacks by NoEscape since it surfaced Its other recent victims include Southeastern Orthopaedic Specialists Kwik Inudstries and OE Federal Credit UnionppIts targets mostly span North America and Europe and notably not Russia or other former Soviet Union countries that are now part of the Commonwealth of Independent States CIS Targeted industries include professional services manufacturing healthcare construction and educationppNoEscape often extorts victims twice once for a decryption key to restore systems and again in exchange for not selling or publicly releasing stolen datappHospitals clinics and other healthcarerelated organizations are frequent targets for ransomware attacks Ransomware can disrupt key systems used for payment making appointments storing patient information and more Hospitals and clinics might be forced to cancel appointments and divert patients elsewhere or resort to pen and paper until systems are restoredppSince 2018 weve recorded 538 confirmed attacks on US healthcare organizations affecting almost 69 million records 20 of those attacks were reported in 2024ppOther recent ransomware attacks against US healthcare organizations include the Victoria Eye and Surgery Centers Singing River Health System and BAMSIppPruittHealth is a longterm healthcare provider with more than 180 locations in Georgia Florida North Carolina and South Carolina It specializes in senior living inhome healthcare poseacute care hospice care and skilled nursing care Its been in business for more than 50 years PruittHealth employs more than 13000 staff and serves 24000 patients every dayppCommentppName ppEmail pp
ppppΔdocumentgetElementById akjs1 setAttribute value new Date getTime ppThis site uses Akismet to reduce spam Learn how your comment data is processedppcomparitechfrontenddatatranslationscommentssubmittedpublishedafterapprovalp
