OctaPharma Plasma Donation Centers Closed While Investigating Ransomware Attack
The Swiss pharmaceutical provider, Octapharma Plasma, experienced a cyberattack that impacted the systems at 190 plasma donation centers located in 35 U.S. states. Those donation centers were shut down currently while this company handled the cyberattack and tried to restore the affected services on the web.
On April 17, 2024, Octapharma noticed suspicious activity within its system. An unauthorized third party had compromised its network and interrupted the operations of some areas in the network. Third-party cybersecurity professionals inspected the attack to know its impact. At this point, Octapharma has no extra details yet regarding the attack, for instance, if ransomware was utilized for encrypting files. More information will be given as the inspection moves along.
Since critical IT systems are down, donors aren’t able to go to its plasma donation centers. The plasma gathered at its U.S. facilities is transported to its European processing facilities and is utilized to develop life-saving solutions. The disturbance to plasma products threatens development at its EU-based establishments, considering that 75% of the plasma utilized in its therapies is obtained from donors in the U.S.
A media reporter at The Register chatted with a source aware of the incident who stated the BlackSuit ransomware attack took place on April 15, 2024. The BlackSuit ransomware group is a fairly new ransomware operation that was uncovered in May 2023. The group has resemblances with the Royal ransomware group, which succeeded the Conti ransomware group. The Register’s source said that vulnerabilities were taken advantage of to acquire access to Octapharma’s VMware networks, with Blacksuit ransomware employed for file encryption.
In November 2023, the Health Sector Cybersecurity Coordination Center (HC3) notified the healthcare and public health sector concerning BlackSuit ransomware. HC3 mentioned the group is found to perform indiscriminate attacks on different industries, such as business technology, healthcare, business retail, manufacturing and government industries, and that the group participated in double extortion tactics, which means files are stolen and list the company in its data leak site in case no ransom payment is made. As of April 22, 2024, Octapharma is not shown on the group’s data leak website.
7,900 Individuals Affected by Island Ambulatory Surgery Center Cyberattack
Island Ambulatory Surgery Center based in Brooklyn, NY recently informed 7,900 persons concerning a cyberattack discovered on or about July 31, 2023. Cybersecurity specialists investigated the breach and confirmed that an unauthorized person got access to its system and exfiltrated some files, a number of which included patients’ personal and medical data.
The analysis of the breached files was finished on February 7, 2024, and affirmed the compromise of some or all of these data: name, birth date, driver’s license number, Social Security number, medical data, and/or medical insurance data. Notification letters were sent to the impacted persons on April 5, 2024. Island Ambulatory Surgery Center stated it regards privacy and security as a serious matter and has applied safety procedures to stop identical incidents later.
Medical Home Network Email Breach
MHNU Corporation, which is also called Medical Home Network (MHN) based in Illinois recently informed 681 persons concerning the compromise of their protected health information (PHI). MHN detected suspicious activity in its email system on or about October 11, 2023. After securing its email accounts, independent cybersecurity professionals investigated and confirmed the reason for the strange activity. The forensic investigation report showed that an unauthorized person acquired access to the email accounts of two workers from October 4, 2023 to October 12, 2023. Email messages and attached files may have been accessed or stolen.
On April 12, 2024, MHN discovered that the PHI of present and previous members of Wellness West, CountyCare, and NeueHealth were kept in the breached accounts. Those companies were informed regarding the breach on February 16, 2024. MHN worked with the firms to send notifications to the impacted people. MHN mentioned that the breached data contained first and last names, telephone numbers, birth dates, patient IDs, and health data; nevertheless, there was no proof of data misuse discovered during the sending of notifications. MHN stated it is serious regarding privacy and security and will stop the same incidents in the future.