The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Hive RaaS Gang Leaks Stolen Consulate Health Care Data

Posted By on Jan 10, 2023

The Hive ransomware-as-a-service (RaasS) operation has claimed responsibility for an attack on Consulate Health Care, a Florida-based chain of 140 U.S. nursing homes. The group claims to have stolen 550 GB of data in the attack and said files were encrypted on December 3, 2022. The group posted on its leak site about the breach on January 6, 2023, and has already leaked some of the data allegedly stolen in the attack. The information stolen in the attack allegedly includes contracts, company information, employee information, and patient information such as medical records, Social Security numbers, contact information, and insurance information.

Consulate Health Care published a substitute breach notice on its website around the same time as Hive went public about the attack. In the website breach notice, Consulate Health Care claims the attack occurred at one of its (unnamed) vendors, which is still investigating the incident to determine the extent of the breach. Consulate Health Care said it is working closely with its vendor and has confirmed that the investigation is progressing as fast as possible to determine the extent to which protected health information was involved and which individuals have been affected. Consulate Health Care said, “we are providing this notice out of an abundance of caution as we value transparency.”

The Hive ransomware gang has a different view on the attack and claims no vendor was involved. Instead, a spokesperson for the group said in a conversation with DataBreaches that Consulate Health Care was attacked directly. The timing of the breach notice suggests that it refers to the same incident.

The Hive RaaS group is one of several ransomware gangs known to target the healthcare industry, including attacks on Lake Charles Memorial Health System in Louisiana which involved the data of 270,000 patients, and an attack on the New York ambulance service, Empress EMS, which affected up to 318,558 individuals. Due to the high risk of attacks, a joint cybersecurity advisory was issued by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) in November, 2022, which includes technical information about the tactics, techniques, and procedures used by the group and indicators of compromise for network defenders.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist