Ransomcortex Ransomware Hits painPRO Clinics, Exposes Patient Data
Incident Date:
July 12, 2024
Overview
Title
Ransomcortex Ransomware Hits painPRO Clinics, Exposes Patient Data
Victim
painPro Clinics
Attacker
Ransomcortex
Location
First Reported
July 12, 2024
Ransomcortex Ransomware Attack on painPRO Clinics
Overview of painPRO Clinics
painPRO Clinics, a prominent healthcare provider in British Columbia, Canada, specializes in pain management and rehabilitation services. The company offers a range of treatments including registered massage therapy, physiotherapy, chiropractic care, kinesiology, and active rehabilitation. Founded by Michael Desrochers, painPRO Clinics is known for its evidence-based treatments and exceptional patient care. The clinics are designed to be accessible and convenient, with multiple locations and an online booking system.
Details of the Ransomware Attack
The ransomware group Ransomcortex has claimed responsibility for a cyberattack on painPRO Clinics. The attackers have reportedly seized 100GB of sensitive data and have threatened to publish the stolen documents and contact the clinic's patients unless the company engages with them directly. This breach has put patient data at significant risk, highlighting vulnerabilities in the healthcare sector.
Ransomcortex's Modus Operandi
Ransomcortex is known for targeting healthcare facilities due to the high value of medical data. The group exploits this data for financial fraud, extortion, and selling information on black markets. They recruit individuals for various tasks, including making ransom payments and gathering intelligence. Ransomcortex uses third-party encryption software and does not offer Ransomware as a Service (RaaS). They avoid targeting specific nations and companies that have previously paid ransoms.
Potential Vulnerabilities
The attack on painPRO Clinics underscores the vulnerabilities in the healthcare sector, particularly in data protection and cybersecurity measures. Healthcare providers often store vast amounts of sensitive data, making them attractive targets for ransomware groups like Ransomcortex. The breach at painPRO Clinics serves as a stark reminder of the need for robust cybersecurity protocols to protect patient information.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.