LockBit claims November attack on New Jersey hospital that allegedly disrupted patient care

The LockBit ransomware gang took credit for an attack in November on a hospital system that forced several facilities in New Jersey and Pennsylvania to cancel appointments and operate without patient records.

This weekend, LockBit job Capital Health on its extortion website, threatening to release seven terabytes of data stolen from the company.

The gang claimed it only stole data from a hospital controlled by Capital Health — Trenton Regional Medical Center — and did not encrypt hospital systems “so as not to interfere with patient care “.

But in November, the hospital said it suffered network outages due to the attack and was forced to adopt emergency protocols to continue helping patients. Its emergency rooms were able to remain open, but several elective surgeries were postponed to later dates and outpatient radiology appointments were canceled.

Neurophysiology and non-invasive cardiology testing were also postponed as the hospital spent more than a week operating with “system limitations.”

Health of the capital provided a brief update in December stating that all systems have been restored and that they are assessing “risk to patient and employee data.”

The organization did not respond to requests for comment on the data LockBit sells. The ransomware gang has set January 9 as the deadline for ransom payment.

Despite the gangs’ internal rules prohibiting attacks on hospitals, LockBit members continued to target healthcare facilities. The gang sparked outrage after launching an attack on Toronto’s Hospital for Sick Children, Canada’s largest pediatric health center, over the 2022 Christmas period.

Ransomware attacks on hospitals continue to cause widespread problems for the healthcare industry, forcing several facilities to divert ambulances, cancel appointments, and more.

But one of the biggest issues involves data stolen from healthcare settings, which often includes sensitive information such as Social Security numbers and clinical photos.

In an incident two weeks agoA ransomware gang used data stolen from a major Seattle-based cancer center to extort individual patients.

Several data theft incidents have been reported by healthcare companies over the past two weeks. North Kansas City Hospital warned last week that hackers had breached an external vendor’s systems and stolen health insurance information, demographics and clinical operations during a month-long security incident.

Just before Christmas, Integris Health of Oklahoma customers notified that hackers were contacting patients after breaching the company’s systems on November 28. Multiple customers said they had received emails from hackers trying to extort them using data stolen from the nonprofit hospital system.

Jonathan Greig is a breaking news reporter at Recorded Future News. Jonathan has worked as a journalist around the world since 2014. Before returning to New York, he worked for media outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.