The BlackCat /ALPHV ransomware gang has found a way to sink to new lows in attempting to extort a Pennsylvania healthcare provider out of a ransom payment by publishing private, compromising clinical photographs of breast cancer patients.
The Lehigh Valley Health Network disclosed the attack in late February, stating they were refusing to pay the ransom demand, reported The Record.
“Based on our initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. We take this very seriously and protecting the data security and privacy of our patients, physicians and staff is critical,” said Lehigh Valley Health Network president Brian Nester.
Takeaway: Criminal ransomware groups have shown time and time again that there is no line they will not cross. Leaking confidential photographs of breast cancer patients is a shocking new low, but ultimately not surprising.
Whatever data these groups can extract, they will weaponize in their extortion schemes. They will continue to do so until it is no longer profitable. The only way this is solved is by building resilient security programs, getting organizations to invest in cybersecurity skills and technologies and collaborating on new regulations that actually have teeth in the fight against cybercrime.
Halcyon.ai is the industry’s first dedicated, adaptive security platform that combines multiple advanced proprietary prevention engines along with AI models focused specifically on stopping ransomware – talk to a Halcyon expert today to find out more. And check out the Recent Ransomware Attacks resource site to get near real-time tracking of ransomware attacks, threat actor groups and their victims.