Clop Ransomware Gang Targets Major North Carolina Hospitals

September 17, 2023

The Clop ransomware group, also known as Lace Tempest, has reportedly stolen personal data from several major hospitals in North Carolina. The cyberattack was part of a campaign exploiting a vulnerability in the MOVEit Transfer platform, a managed file transfer system used by enterprises for secure file transfers. The healthcare technology firm Nuance, owned by Microsoft, is among the victims. The Clop group claimed to have hacked hundreds of companies globally by exploiting the MOVEit Transfer vulnerability. Nuance has launched an investigation into the incident with the help of cybersecurity experts and a law firm. The company confirmed that the Clop group may have stolen personal data at numerous North Carolina hospitals and other healthcare providers. The compromised data included the services people received and their demographic information. Nuance addressed the issue immediately after the software vendor, Progress, disclosed the flaw and released security updates to fix it. The company stated that 'Patches were installed as soon as they were available,' and added that 'Data privacy and security are among Nuance’s highest priorities.' The company also recommended that people review their account statements and monitor their free credit reports for suspicious activity. The cyberattack on the North Carolina hospitals is part of a larger trend of cyberattacks on US hospitals. Recently, the Rhysida ransomware group announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. The cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings in various states, forcing some emergency rooms to close and ambulances to be diverted. The Rhysida Ransomware group added three more US hospitals to its list of victims after the Prospect Medical attack. Singing River Health System, which operates three hospitals and other medical facilities, was hit by a cyberattack at the end of August. In June, the Idaho Falls Community Hospital was impacted by a cyberattack that forced some clinics to close and ambulances to be diverted to nearby hospitals. Another hospital in the same region, the Mountain View Hospital, also suffered a cyberattack that infected some systems of the hospital’s IT infrastructure.

Related News

• Massive MOVEit Hack Affects Nearly 1,000 Organizations and 60 Million Individuals
• Rapid7 Report Highlights High ROI for Ransomware and Increasing Use of Zero-Day Exploits
• Colorado Alerts 4 Million Citizens of Data Breach Following IBM MOVEit Exploit
• Rise in Ransomware Attacks Through Zero-Day Exploits: An Analysis
• US Government Contractor Maximus Suffers Massive Data Breach Affecting Millions

Latest News

• Fortinet Issues Fixes for High-Risk Vulnerabilities in Multiple Products
• Iranian Nation-State Actors Execute Password Spray Attacks on Global Scale
• Proof-of-Concept Exploit Published for Windows 11 'ThemeBleed' RCE Bug
• MGM Under Fire for Repeated Cybersecurity Lapses: BlackCat Ransomware Gang Suspected
• Mozilla Fixes Critical Zero-Day Vulnerability in Firefox and Thunderbird