Category | Details |
---|---|
Threat Actors | RansomHub ransomware group |
Campaign Overview | • Attack on BayMark Health Services between September 24, 2024 and October 14, 2024. • Attackers accessed and exfiltrated personal and health data. • Data was published on RansomHub leak site. |
Target Regions (or Victims) | BayMark Health Services (North America) |
Methodology | • RansomHub exfiltrated 1.5 TB of sensitive data. • Attackers utilized ransomware tactics, and BayMark did not pay the ransom. |
Product Targeted | Personal and health data of patients |
Malware Reference | RansomHub ransomware |
Tools Used | • Ransomware (RansomHub) |
Vulnerabilities Exploited | • Unauthorized access to files on BayMark’s systems |
TTPs | • Ransomware deployment • Exfiltration of sensitive data • Leak site publication of stolen data |
Attribution | • RansomHub ransomware group |
Recommendations | • Change passwords and use strong, unique ones. • Enable two-factor authentication (2FA), preferably with a FIDO2 device. • Monitor identity and stay vigilant for phishing attacks. • Consider not storing card details. |
Source | Malwarebytes |
Read full article: https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack
The above summary has been generated by an AI language model
Comments (1)
Osint10X Newsletter #4 - Osint10x says:
January 12, 2025 at 11:12 pm
[…] BayMark Health Services suffered a ransomware attack, compromising sensitive patient data. The attackers accessed and encrypted records, forcing the company to issue breach notifications. This incident highlights the ongoing threat ransomware poses to the healthcare sector. Read more […]