Clop Ransomware Gang Targets Major North Carolina Hospitals

September 17, 2023

The Clop ransomware group, also known as Lace Tempest, has reportedly stolen personal data from several major hospitals in North Carolina. The cyberattack was part of a campaign exploiting a vulnerability in the MOVEit Transfer platform, a managed file transfer system used by enterprises for secure file transfers. The healthcare technology firm Nuance, owned by Microsoft, is among the victims. The Clop group claimed to have hacked hundreds of companies globally by exploiting the MOVEit Transfer vulnerability. Nuance has launched an investigation into the incident with the help of cybersecurity experts and a law firm. The company confirmed that the Clop group may have stolen personal data at numerous North Carolina hospitals and other healthcare providers. The compromised data included the services people received and their demographic information. Nuance addressed the issue immediately after the software vendor, Progress, disclosed the flaw and released security updates to fix it. The company stated that 'Patches were installed as soon as they were available,' and added that 'Data privacy and security are among Nuance’s highest priorities.' The company also recommended that people review their account statements and monitor their free credit reports for suspicious activity. The cyberattack on the North Carolina hospitals is part of a larger trend of cyberattacks on US hospitals. Recently, the Rhysida ransomware group announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. The cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings in various states, forcing some emergency rooms to close and ambulances to be diverted. The Rhysida Ransomware group added three more US hospitals to its list of victims after the Prospect Medical attack. Singing River Health System, which operates three hospitals and other medical facilities, was hit by a cyberattack at the end of August. In June, the Idaho Falls Community Hospital was impacted by a cyberattack that forced some clinics to close and ambulances to be diverted to nearby hospitals. Another hospital in the same region, the Mountain View Hospital, also suffered a cyberattack that infected some systems of the hospital’s IT infrastructure.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.