daixin attacks OAKBEND

Incident Date:

September 13, 2022

World map

Overview

Title

daixin attacks OAKBEND

Victim

OAKBEND

Attacker

Daixin

Location

Jackson, USA

Richmond, USA

First Reported

September 13, 2022

OakBend Medical Center Hit by Ransomware Attack: A Comprehensive Analysis

Victim Profile

OakBend Medical Center, a nonprofit hospital system, serves the Houston metropolitan area with three hospitals, emergency centers, imaging centers, and physical therapy clinics. Renowned for its personalized patient care and community involvement, the center became a significant target for cybercriminals.

Size and Impact

The ransomware attack, occurring on September 1, 2022, compromised the sensitive data of over 500,000 individuals, potentially affecting more than one million patient records. The stolen data included names, dates of birth, addresses, email addresses, and social security numbers, marking a significant breach of privacy and security.

Vulnerabilities

This incident highlights the healthcare sector's susceptibility to cyber threats. The FBI Internet Crime Complaint Center (IC3) reports that healthcare accounts for 25% of ransomware complaints across all critical infrastructure sectors. The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have identified Daixin Team as the group behind this and similar attacks, emphasizing their focus on the Healthcare and Public Health (HPH) Sector since June 2022.

Mitigation Strategies

In response, OakBend Medical Center collaborated with experts from Microsoft, Dell, and Malware Protects to eradicate the malware and rebuild its IT infrastructure. The adoption of multi-factor authentication and the implementation of a new software system for threat monitoring are critical steps towards enhancing their cybersecurity posture.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.