hiveleak attacks Goodman Campbell Brain and Spine- Greenwood
Incident Date:
June 8, 2022
Overview
Title
hiveleak attacks Goodman Campbell Brain and Spine- Greenwood
Victim
Goodman Campbell Brain and Spine- Greenwood
Attacker
Hiveleak
Location
First Reported
June 8, 2022
Goodman Campbell Brain and Spine Suffers Ransomware Attack by Hiveleak
Goodman Campbell Brain and Spine, a healthcare provider based in Carmel, Indiana, has been targeted by the ransomware group Hiveleak. The attack was announced on the dark web leak site, where the victim's website was listed. The company operates in the Healthcare Services sector and has been in existence since 2010, following the merger of the Indianapolis Neurosurgical Group and the Indiana University Department of Neurological Surgery.
Company Size and Unique Aspects
Goodman Campbell Brain and Spine is a large, independent surgical group that specializes in treating a wide range of conditions on the brain and spine, including aneurysms, concussions, pituitary disorders, spinal discs, tumors, injuries, and degenerative diseases. The company has a team of experienced surgeons and allied health professionals who are dedicated to providing exceptional care for patients, focusing on research, innovation, and collaboration.
Vulnerabilities and Impact
The ransomware attack on Goodman Campbell Brain and Spine occurred on May 20, 2022, and compromised patient and employee data, including names, birth dates, email addresses, medical record numbers, patient account numbers, phone numbers, physician names, treatment information, addresses, insurance information, dates of service, and Social Security numbers. The company immediately took steps to safeguard its affected systems, eradicate any malicious activity, and began restoring its systems.
The attack did not affect the practice's EMR system, but the attackers successfully accessed appointment schedules, insurance eligibility documentation, and referral forms. The impacted information was made available on the dark web for approximately 10 days. Goodman Campbell Brain and Spine notified nearly 363,000 individuals of the data breach and offered complimentary credit monitoring services.
Response and Mitigation
The company engaged a forensic analysis and incident response firm and notified the FBI cybercrimes division to assist with the case. It is unclear whether the hackers demanded ransom, as has been the case with other healthcare institutions. Goodman Campbell Brain and Spine has implemented new monitoring solutions to protect against future cyber attacks.
Sources
- Indianapolis Business Journal - https://www.ibj.com/
- HealthITSecurity - https://healthitsecurity.com/
- The HIPAA Journal - https://www.hipaajournal.com/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.