LockBit 3.0 Strikes Malama I Ke Ola Health Center
Incident Date:
June 7, 2024
Overview
Title
LockBit 3.0 Strikes Malama I Ke Ola Health Center
Victim
Malama I Ke Ola Health Center
Attacker
Lockbit3
Location
First Reported
June 7, 2024
LockBit 3.0 Ransomware Attack on Malama I Ke Ola Health Center
Overview of Malama I Ke Ola Health Center
Situated in Wailuku, Maui, Hawaii, Malama I Ke Ola Health Center is a comprehensive primary care clinic serving nearly 12,000 patients. The center offers integrated health services focusing on physical, mental, and behavioral health. Their family-centered approach includes care for newborns, children, adolescents, and young adults up to 26 years of age. The health center also provides OB/GYN and dental services, and their street medicine team delivers care to homeless and marginalized populations.
Details of the Ransomware Attack
In early June 2024, the LockBit 3.0 ransomware group executed an attack on Malama I Ke Ola Health Center, causing significant operational disruptions. The health center abruptly closed due to IT issues and remained shut for over two weeks, recently reopening with limited services and resorting to paper charting. Patients were initially informed of the closure via text on May 7th, followed by multiple extensions, causing considerable stress for both patients and staff. Concerns have arisen regarding the challenges of reverting to paper records and the potential backlog once systems are restored. Despite fears of data breaches, there has been no confirmation of any breach of confidentiality.
About LockBit 3.0 Ransomware Group
LockBit 3.0, also known as LockBit Black, is an advanced variant of the LockBit ransomware group, emerging in 2022. It operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks. LockBit 3.0 is known for its enhanced infection capacities and customization options, making it one of the most dangerous and disruptive ransomware threats. The group has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally.
Potential Vulnerabilities and Penetration
The attack on Malama I Ke Ola Health Center coincided with the center's planned transition to a new electronic health record system starting April 20th, leading to speculation about its role in the IT issues. The health center's reliance on digital systems for comprehensive care made it a prime target for ransomware attacks. LockBit 3.0's ability to move laterally through a network and delete traces of itself likely facilitated the penetration and subsequent disruption of the health center's operations.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.