hiveleak attacks Family Christian Health Center
Incident Date:
January 25, 2022
Overview
Title
hiveleak attacks Family Christian Health Center
Victim
Family Christian Health Center
Attacker
Hiveleak
Location
First Reported
January 25, 2022
Ransomware Attack on Family Christian Health Center
Overview of the Incident
Family Christian Health Center (FCHC), located in Harvey, Illinois, experienced a significant security breach in November 2021 when it fell victim to a ransomware attack. This cyberattack compromised the protected health information (PHI) of approximately 31,000 individuals. Specifically, the attackers targeted FCHC's outdated dental system and electronic registration system, gaining unauthorized access to sensitive patient data.
Details of the Compromised Information
The data breach resulted in the exposure of a variety of personal information. For patients who had utilized dental services before August 31, 2020, the compromised data included names, birthdates, insurance card numbers, driver's license numbers, and copies of insurance cards and driver's licenses. Additionally, for individuals who received healthcare services between December 5, 2016, and August 31, 2020, the attackers accessed names, birthdates, addresses, insurance identification numbers, and Social Security numbers.
Response and Mitigation Efforts
In response to the breach, FCHC took immediate action by engaging a forensics consultant to thoroughly analyze the attack and recommend further security enhancements. Subsequently, the organization implemented additional technical safeguards aimed at bolstering its defense against future cyber threats. Despite these efforts, the incident underscores the persistent and evolving nature of cyber risks within the healthcare sector.
Implications for the Healthcare Industry
FCHC, a Federally Qualified Health Center (FQHC), is committed to providing comprehensive healthcare services that cater to the physical, spiritual, emotional, psychological, and financial well-being of the community it serves. This incident not only highlights the vulnerabilities present in healthcare institutions but also reflects a growing trend of cyberattacks targeting sensitive patient information. The increasing frequency of healthcare data breaches emphasizes the critical need for enhanced cybersecurity measures across the industry.
Sources
- U.S. Department of Health & Human Services, Office for Civil Rights Breach Portal. Available at: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
- HealthITSecurity, "November 2021 Healthcare Data Breach Report." Available at: https://healthitsecurity.com/news/november-2021-healthcare-data-breach-report
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.