The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Medical Records from Prospect Ransomware Attack Appear on Dark Web

Posted By on Aug 29, 2023

Medical records extracted during the recent Prospect Medical Holdings ransomware attack are being allegedly offered for sale on the dark web according to social media sources. The notification of the sale has been interpreted as a signal to Prospect Medical Holdings to quickly respond to the hackers’ ransom demands.

On August 3, the Prospect Medical Holdings health system was hit by a ransomware attack that crippled operations at the health system’s 17 hospitals and 166 outpatient clinics. At the time, the perpetrators of the attack were unknown. However, last week, a notice appeared on the Rhysida dark leak site, claiming responsibility for the attack.

The notice also announced an auction of data hacked in the attack – the data consisting of more than 500,000 Social Security Numbers, passports of clients and employees, drivers’ licenses, patient files (profiles and medical histories), financial and legal documents. In all, it is claimed, the sale consists of 1TB of unique files and a 1.3TB SQL database.

The notice was accompanied by several snapshots of the stolen data – some of which has been independently verified as genuine by comparing the snapshots to publicly available records – and a price tag of 50 Bitcoin ($1,298,340). The addition of the price tag has led some sources to comment that the notice is intended to accelerate a ransom payment.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

It is not known at this time whether the sale will proceed or whether Prospect Medical Holdings will give in to the ransom demands. As of this past weekend, some services continue to be suspended and staff in some medical units are still having to rely on paper records. A spokesperson for Prospect Medical Holdings also issued the following statement:

“We have become aware that Prospect Medical data was taken by unauthorized actors, the nature of which is being actively examined. If the investigation determines that any protected health or personal information is involved, we will provide the appropriate notifications in accordance with applicable laws. Because our investigation is ongoing, we do not have additional information to share at this time. We are taking all appropriate measures to address this incident.”

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist