Hive Ransomware Gang Attacks Lake Charles Memorial Health System

The Hive ransomware gang has attacked Lake Charles Memorial Health System (LCMHS). LCMHS is notifying nearly 270,000 individuals who have received care at its medical centers about a data breach. As the largest medical complex in Lake Charles, Louisiana, LCMHS encompasses various facilities, including a 314-bed hospital, a 54-bed women's hospital, a 42-bed behavioral health hospital, and a primary care clinic catering to uninsured citizens.

Details of the Cybersecurity Incident

In an announcement posted on the LCMHS website, it was revealed that a cybersecurity incident took place on October 21, 2022. The organization's security team identified unusual activity on the computer network, prompting an internal investigation. The investigation, which concluded on October 25, 2022, determined that unauthorized access had been gained by hackers into LCMHS' network, leading to the theft of sensitive files. These files contained personal information of patients, including their full names, physical addresses, dates of birth, medical records, patient identification numbers, health insurance details, payment information, and limited clinical information related to their received care. In some instances, Social Security numbers were also compromised.

LCMHS emphasized in its announcement that the network intruders did not gain access to the electronic medical records. "We will begin sending letters to affected patients, notifying them about the potential involvement of their information in this incident, starting from December 23, 2022," stated the notification.