lockbit2 attacks meritresources

Incident Date:

March 20, 2022

World map



lockbit2 attacks meritresources






Kennewick, USA

Washington, USA

First Reported

March 20, 2022

MERIT Resources, a Healthcare Services Provider, Suffers Ransomware Attack by Lockbit2

MERIT Resources, a prominent drug treatment and rehabilitation center within the Healthcare Services sector, has recently fallen victim to a ransomware attack orchestrated by the notorious group Lockbit2. This incident was disclosed on the group's dark web leak site, highlighting the ongoing vulnerability of healthcare institutions to cybercriminal activities. MERIT Resources, known for its comprehensive outpatient drug and alcohol treatment services across multiple locations including Ellensburg, Yakima, Sunnyside, Wapato, Toppenish, Pasco, and Kennewick, has been a beacon of support for individuals battling addiction since 1979.

As a nonprofit entity steered by a volunteer board of directors, MERIT Resources has significantly broadened its spectrum of services over the decades. Noteworthy milestones include its merger with Alcohol Drug Dependency Services in Ellensburg during 2015 and the expansion into Benton County and Pasco in 2017. The organization's offerings span a wide array of substance abuse interventions, from alcohol and drug treatment assessments, education, and referrals to outpatient, intensive outpatient, and telehealth programs, alongside relapse prevention, continuing recovery, aftercare, and specialized addiction treatment for both adults and adolescents. Additionally, it extends employee and student assistance programs.

The Cybersecurity Vulnerability of the Healthcare Sector

While the specific vulnerabilities of MERIT Resources were not detailed, the healthcare sector's susceptibility to ransomware attacks is well-documented, largely due to the sensitive nature of the data involved, including protected health information (PHI). This attack is symptomatic of a broader pattern of targeting healthcare providers, as evidenced by recent incidents involving Lurie Children's Hospital in Chicago and a medical supply operator. The healthcare industry's critical role and the invaluable nature of its data make it a prime target for cybercriminals seeking to exploit these vulnerabilities for financial gain.

Lockbit2 Ransomware Group's Modus Operandi

The Lockbit2 ransomware group, active since at least 2022, has gained notoriety for its attacks across various sectors, with healthcare being one of its frequent targets. This group's operations typically involve demanding a ransom in return for decrypting the compromised data. The attack on MERIT Resources underscores the significant operational disruptions and the potential risk to sensitive patient information that such incidents can cause.

This recent breach underscores the critical need for healthcare providers to implement and maintain robust cybersecurity measures. The evolving landscape of cyber threats, characterized by increasingly sophisticated and aggressive ransomware attacks, necessitates a proactive and comprehensive approach to cybersecurity within the healthcare sector.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.