• About Us
  • Events
  • Newsletter Sign Up
  • Spotlight Series
  • Webinars
  • WhitePapers
  • Videos
  • Podcasts
    1. Cybersecurity
    2. Data Breaches

    Hive Ransomware Group Hits the Partnership HealthPlan of California

    March 31, 2022
    The Hive Ransomware group, which was first observed in June of 2021 and known to target healthcare organizations, has stolen 850,000 PII records from the Partnership HealthPlan of California
    Dreamstime Xxl 133846465 6245d08973da9

    According to a March 29 article from VentureBeat by Kyle Alspach, the Hive Ransomware group posted on its dark website that it has stolen 850,000 personally identified information (PII) records from the Partnership HealthPlan of California.

    The Hive Ransomware group was first observed in June of 2021 and on Sept. 3, 2021 we reported that the FBI had released an alert about the malicious Hive ransomware, the same group that took down Memorial Health System on Aug. 15.

    “The alert says that ‘Hive ransomware, which was first observed in June 2021 and likely operates as an affiliate-based ransomware, employs a wide variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation,’ we reported. ‘Hive ransomware uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network.’”

    Further, “’After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, ‘HiveLeaks.’”

    The Partnership HealthPlan of California’s website is “temporarily unavailable” and has the following statement on its landing page:

    “Partnership HealthPlan of California recently became aware of anomalous activity on certain computer systems within its network. We are working diligently with third-party forensic specialists to investigate this disruption, safely restore full functionality to affected systems, and determine whether any information may have been potentially accessible as a result of the situation. Should our investigation determine that any information was potentially accessible, we will notify affected parties according to regulatory guidelines. We appreciate your patience and understanding and apologize for any inconvenience.”

    Alspach reports that “The Hive ransomware group posted its claim about the stolen Partnership HealthPlan of California data on Tuesday [March 29, 2022]. The data includes 850,000 unique PII records, such as name, social security number and address, according to the group. The stolen data also includes 400 GB of stolen files from the organization’s server, Hive claimed.”

    Continue Reading

    Sponsored Recommendations

    Six Cloud Strategies to Combat Healthcare's Workforce Crisis

    The healthcare workforce shortage is a complex challenge, but cloud communications offer powerful solutions to address it. These technologies go beyond filling gaps—they are transformin...

    Transforming Healthcare with AI Powered Solutions

    AI-powered solutions are revolutionizing healthcare by enhancing diagnostics, patient monitoring, and operational efficiency - learn how to integrate these innovations into your...

    Enhancing Healthcare Through Strategic IT and AI Innovations

    Learn how strategic IT and AI innovations are transforming healthcare - join Tomas Gregorio as he explores practical applications that enhance clinical decision-making, optimize...

    The Intersection of Healthcare Compliance and Security in the Age of Deepfakes

    As healthcare regulations struggle to keep up with rapid advancements in AI-driven threats like deepfakes, the security gaps have never been more concerning.