Lake Charles Memorial Health System (LCMHS) in Louisiana has suffered a data breach affecting almost 270,000 patients, with the Hive ransomware group claiming responsibility and publishing the allegedly stolen files on its data leak site...

Continue reading

A third-party software flaw inside one of Japan's largest telcos exposed login credentials for up to 14.2 million email accounts across six ISPs. The passwords? Some were hashed. Some may not have been
On November 15, 2022, the Hive ransomware group listed the Lake Charles Memorial Health System (LCMHS) on its data leak site, claiming responsibility for a data breach that affected almost 270,000 people who received care at one of the medical center's facilities. LCMHS, located in Lake Charles, Louisiana, is the largest medical complex in the area and comprises a 314-bed hospital, a 54-bed women's hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured citizens.
The data breach occurred on October 21, 2022, when LCMHS' security team detected unusual activity on the organization's computer network. An internal investigation revealed that hackers had gained unauthorized access to LCMHS' network and then stole sensitive files, including patient names, addresses, dates of birth, medical records, patient identification numbers, health insurance information, payment information, limited clinical information, and in some cases, social security numbers. LCMHS electronic medical records were not affected by network intrusion.
LCMHS reported the incident to the U.S. Department of Health and Human Services (HHS) and has begun notifying to patients whose information may have been involved in the data breach. The organization also offers complimentary credit monitoring and identity theft protection services to individuals whose social security numbers may have been included in the stolen files. Patients are encouraged to review statements from their health insurers and healthcare providers and to contact them immediately if they see any services they did not receive.
The Hive ransomware group claimed responsibility for the data breach and published the allegedly stolen files on its data leak site. The listed files include bills of materials, cards, contracts, medical information, papers, medical records, scans, and residents. It is unclear if these files are authentic.

*LCMHS breach exposed by Hive ransomware on its data leak site*
The ransomware group claimed that the encryption of LCMHS systems took place on October 25, 2022, four days after the organization first detected the network intrusion. It is unknown if LCMHS negotiated with the ransomware group or if a ransom was paid.
If you have received care at LCMHS in the past, it is recommended that you stay vigilant for incoming communications asking you to give away personal information and payment data. You should also monitor your bank statements and report any suspicious transactions to your bank immediately. It is important to take steps to protect your personal information and to be on the lookout for any potential identity theft or financial fraud.

Hackers exploited a four-year-old credential in Klue's systems to steal customer data, impacting LastPass and several cybersecurity firms in a supply chain breach