Conti ransomware finally closes the book on their operations
June 24, 2022
Chip manufacturing giant AMD investigating claims of stolen data
June 28, 2022

Sensitive health data leaked after ransomware attack against Fitzgibbon Hospital

On Saturday 25th of June 2022, information pointing to an attack on Fitzgibbon Hospital in Missouri was discovered. The group “Daixin Team” have claimed responsibility for the attack via their onion site which contained files allegedly stolen from Fitzgibbon.

Based on the leaked files, the Daixin Team had claimed to have exfiltrated 40 GB of data which contained numerous files with protected health information of patients. The information that had been leaked included:

  • patient names
  • diagnostic information
  • treatment information
  • date of service
  • demographic information
  • health insurance information
  • billing data.

Within the leaked files, a folder with thousands of scanned pdf files on cancer patients with detailed medical reports was founded as well as two .csv files that contained personal information and health insurance policy information on patients. Additionally, several files related to the hospital’s cybersecurity were founded which revealed possibly vulnerabilities within their network as well as results from penetration testing and other security assessments.

Fitzgibbon Hospital hasn’t released any announcement or statement in response to any breach or attack but a spokesperson for the Daixin Team did reveal further details on the attack. They stated that a part of the attack involved the Daixin Team allegedly encrypting the servers and backups, but not the workstations of the hospital. They also revealed that negotiation had occurred between a hospital representative and the Daixin Team but the hospital didn’t end up paying the ransom demand.

Leave a Reply

Your email address will not be published. Required fields are marked *