Ransomware Attack on Continuing Healthcare Solutions: A Threat to Patient Data
Incident Date:
April 20, 2024
Overview
Title
Ransomware Attack on Continuing Healthcare Solutions: A Threat to Patient Data
Victim
Continuing Healthcare Solutions
Attacker
Inc Ransom
Location
First Reported
April 20, 2024
Ransomware Attack on Continuing Healthcare Solutions by INC Ransom
Company Profile
Continuing Healthcare Solutions, founded in 2013 and based in Cleveland, Ohio, operates a network of over 33 communities providing a spectrum of senior living services. These include assisted living, skilled nursing and rehabilitation, long-term care, respite care, and Alzheimer's care. The organization secured a significant financial boost in 2019 with a $43.3 million term loan and line of credit from Oxford Finance, aimed at acquiring and providing working capital for eight long-term care facilities in Ohio.
Attack Overview
The ransomware group INC Ransom, known for its sophisticated cyberattacks, has claimed responsibility for a ransomware attack on Continuing Healthcare Solutions.
The data theft and withholding in this attack reportedly includes sensitive patient information, which was demonstrated through a sample leak posted by the attackers. This type of data is particularly sensitive given its personal and confidential nature, increasing the pressure on the healthcare provider to resolve the situation swiftly to protect its patients and reputation.
Vulnerabilities and Target Profile
The company's relatively small size and the high value of the data it handles make it an attractive target for ransomware attacks. Healthcare entities like Continuing Healthcare Solutions are often seen as lucrative targets due to the critical nature of their services and the sensitivity of the data they hold, which includes health records and personal information of patients.
Sources
- Continuing Healthcare Solutions Website
- ZoomInfo: Continuing Healthcare Solutions
- CB Insights: Continuing Healthcare Solutions
- SOCRadar: INC Ransom Profile
- SalvageData: INC Ransom Malware Threat
- SentinelOne: INC Ransom
- Security Affairs: INC Ransom Attack on Xerox Corp
- Infosecurity Magazine: NHS Data Leak
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.