Rhysida Ransomware Caused Outages to 16 Hospitals?

Category: Ransomware News | Industry: Healthcare | Sources: HC3 & The Record

In the aftermath of the ransomware attack that impacted Prospect Medical hospitals on August 3rd, 2023, the incident has been determined to affect 16 hospitals across four states. The repercussions include hospital closures, the rescheduling of patient appointments, and the rerouting of patients. A notice displayed on Prospect Medical's website alerts visitors to the ongoing situation: "Prospect Medical Holdings, along with all Prospect Medical facilities, is currently experiencing a systemwide outage. Our team is diligently working to address the issue at the earliest and apologizes for any inconvenience." This notice is also visible on the websites of the impacted Prospect Medical hospitals.

As per reports from Recorded Future News, this significant ransomware attack is believed to be attributed to the relatively new Rhysida ransomware group, which surfaced in May 2023. Notably, both the FBI and the U.S. Department of Health and Human Services (HHS) have refrained from providing comments when questioned about the culprits of the attack. An alert issued by the Health Sector Cybersecurity Coordination Center (HC3) on August 4th, 2023, underscores the group's focal areas, encompassing "education, government, manufacturing, technology, managed service providers," in addition to healthcare institutions. The HC3 advisory also highlights a link between Rhysida and the Vice Society ransomware gang based on similarities in their victimology. HC3 reports that "both groups primarily target the education sector, with 38.4% of Vice Society’s attacks targeting education, compared to 30% of Rhysida’s."