everest attacks MultiCare lnc

Incident Date:

October 18, 2022

World map



everest attacks MultiCare lnc


MultiCare lnc




Meridian, USA

Idaho, USA

First Reported

October 18, 2022

MultiCare Health System Suffers Ransomware Attack

Overview of the Incident

MultiCare Health System, a not-for-profit healthcare organization based in Washington state, recently fell victim to a ransomware attack orchestrated by the group known as Everest. This incident was disclosed on a dark web leak site. MultiCare, the largest locally-owned health system in Washington, boasts a network of ten hospitals and employs over 20,000 individuals, including volunteers and healthcare providers. The organization provides a comprehensive range of services, from inpatient and primary care to specialty services and pediatric care.

Previous Security Breaches

This is not the first cybersecurity challenge faced by MultiCare. In March 2021, a medical practice management firm affiliated with MultiCare was hit by a ransomware attack, potentially compromising the personal information of over 200,000 patients, providers, and staff. Another breach occurred in June 2022, involving a third-party data breach at Kaye-Smith, a mailing service provider for MultiCare, affecting over 23,000 individuals.

Response and Mitigation Efforts

In response to these incidents, MultiCare has undertaken significant steps to bolster its cybersecurity posture. Following the breach at Kaye-Smith, the company engaged cybersecurity experts to investigate the suspicious activity and confirmed that ransomware actors had been accessing and compromising files since May 2022. MultiCare has been proactive in notifying affected individuals and has implemented additional safeguards to enhance the protection of patient information.

The Importance of Cybersecurity in Healthcare

The recent ransomware attack on MultiCare underscores the critical importance of cybersecurity within the healthcare sector. Organizations in this sector are prime targets for cybercriminals due to the sensitive nature of the data they manage. It is imperative for healthcare providers to maintain rigorous cybersecurity measures to safeguard the sensitive information of their patients and staff.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.