alphv attacks CCS

Incident Date:

June 22, 2022

World map



alphv attacks CCS






Brunswick, United Kingdom

Stockton-on-Tees, United Kingdom

First Reported

June 22, 2022

Alphv Ransomware Attack on Count Care Services Limited

Company Overview

Count Care Services Limited, a healthcare services provider, has been targeted by the ransomware group Alphv, as reported on their dark web leak site. The company operates in the Healthcare Services sector and provides high-quality services in healthcare settings for emergency, long-term, and daily assignments. Known for its experienced nurses (RGN, RMN, RNLD) and care and support workers, it extends its services to hospitals, care homes, and secure units in the North East of England and Nationwide.

Vulnerabilities and Impact

The ransomware attack on Count Care Services Limited could have significant consequences for the company and its clients. The healthcare sector is a prime target for ransomware attacks due to the sensitive nature of its data and the critical services it provides. This attack could disrupt the flow of information, leading to delays in medical procedures, appointment cancellations, and compromised patient care. Additionally, the confidentiality of patient data is at risk, potentially exposing patients to identity theft and fraud.

Response and Mitigation

The healthcare industry has been grappling with the aftermath of the ransomware attack on Change Healthcare, a unit of UnitedHealth Group's Optum division, which was identified as the most significant and consequential incident of its kind against the U.S. health care system in history. The attack affected billing and care authorization portals, leading to prescription backlogs and missed revenue for providers, posing potential threats to worker paychecks and even patient care.

In response to the attack, federal officials have announced measures to help affected providers, including accelerated and advanced payments, relaxed prior authorization requirements for care, and consideration of offering advance funding to providers. The Department of Health and Human Services Office of Civil Rights has also initiated an investigation into the incident.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.