lockbit3 attacks MultiCare Home Health and Personal Care Services
Incident Date:
September 25, 2022
Overview
Title
lockbit3 attacks MultiCare Home Health and Personal Care Services
Victim
MultiCare Home Health and Personal Care Services
Attacker
Lockbit3
Location
First Reported
September 25, 2022
MultiCare Home Health and Personal Care Services Ransomware Attack
MultiCare Home Health and Personal Care Services, a healthcare provider based in Washington state, has been targeted by the ransomware group Lockbit3. The attack was announced on the group's dark web leak site. The company operates in the Healthcare Services sector and has been affected by a ransomware attack in the past, which led to the exposure of patient records, including names, addresses, medical records, social security numbers, and bank account numbers.
MultiCare Health System, the parent organization of MultiCare Home Health and Personal Care Services, has experienced multiple ransomware attacks. In December 2021, a ransomware attack targeted a third-party software vendor for health management company Woodcreek Provider Services, which supports several MultiCare health centers. The attackers infiltrated MultiCare data through Netgain Technology, a software vendor for Woodcreek based in Minnesota. In October 2022, some of MultiCare's employees' personal data was stolen in a ransomware attack against third-party printing vendor Kaye-Smith.
The size of MultiCare Home Health and Personal Care Services is not explicitly stated in the search results. However, it is mentioned that the ransomware attack potentially exposed personal information for more than 200,000 MultiCare staff, patients, and providers. The company's vulnerabilities in being targeted by threat actors include the use of third-party vendors and the potential for weak security measures in their systems.
MultiCare Health System has taken steps to mitigate the risks of ransomware attacks, such as offering HIPAA-compliant hardware and software to healthcare organizations and providing comprehensive security solutions to help meet strict HIPAA standards. Despite these efforts, the company has been affected by multiple ransomware attacks, highlighting the ongoing challenges in securing sensitive data in the healthcare sector.
Sources
- MultiCare Data Breach Exposes Patient Records
- MultiCare says employee data enmeshed in vendor ransomware attack
- Data hack exposed personal information of 200K MultiCare patients, staff
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.