blackbyte attacks Lamoille Health Partners
Incident Date:
July 6, 2022
Overview
Title
blackbyte attacks Lamoille Health Partners
Victim
Lamoille Health Partners
Attacker
Blackbyte
Location
First Reported
July 6, 2022
Lamoille Health Partners Suffers Ransomware Attack, Settles Class Action Lawsuit
Lamoille Health Partners, a healthcare services provider operating in the Lamoille Valley, has been the target of a ransomware attack that resulted in the exposure of sensitive patient data. The attack occurred in June 2022, and the company discovered the breach on June 13. The incident led to a class action lawsuit, which Lamoille Health Partners settled for $540,000.
The ransomware attack impacted 59,381 individuals, and the compromised data included names, addresses, Social Security numbers, health insurance information, birth dates, and medical treatment information. Despite the attack, Lamoille Health Partners did not have to pay any ransom to regain access to their system.
Lamoille Health Partners is a health program system that provides services to Lamoille County. The company operates various healthcare facilities, including Lamoille Health Family Medicine, Pediatrics, Family Dentistry, and Behavioral Health and Wellness in Morrisville; Lamoille Health Family Medicine and Pharmacy of Stowe; and Lamoille Health Family Medicine in Cambridge.
The settlement agreement requires individuals to submit a valid claim form by June 20, 2024, to receive settlement benefits. The final approval hearing for the settlement is scheduled for September 30, 2024.
The incident highlights the importance of robust cybersecurity measures in the healthcare sector, where sensitive patient data is a valuable target for threat actors. Despite the company's efforts to restore their systems from backups and investigate the incident, the attackers were able to access and potentially acquire certain documents from the organization's systems.
Lamoille Health Partners has not admitted wrongdoing but agreed to the settlement to resolve the class action lawsuit. The company's vulnerabilities in being targeted by threat actors are not explicitly stated in the available information, but the incident underscores the need for healthcare organizations to prioritize cybersecurity to protect patient data and prevent similar attacks in the future.
Sources
- Lamoille Health Partners | Healthcare Services in the Lamoille Valley
- HIPAA Vault - HIPAA Web Hosting & Cloud Solutions on LinkedIn
- Lamoille Health Partners to pay $540,000 Following Ransomware Attack
- Ransomware Attack at Lamoille Health Partners Impacts 59K
- Lamoille Health Partners Settles Class Action Data Breach Lawsuit for $540,000
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.