Category | Details |
---|---|
Threat Actors | RansomHub ransomware group |
Campaign Overview | • Attack on BayMark Health Services between September 24, 2024 and October 14, 2024. • Attackers accessed and exfiltrated personal and health data. • The data was published on the RansomHub leak site. |
Target Regions (or Victims) | BayMark Health Services (North America) |
Methodology | • RansomHub exfiltrated 1.5 TB of sensitive data. • Attackers utilized ransomware tactics, and BayMark did not pay the ransom. |
Product Targeted | Personal and health data of patients |
Malware Reference | RansomHub ransomware |
Tools Used | • Ransomware (RansomHub) |
Vulnerabilities Exploited | • Unauthorized access to files on BayMark’s systems |
TTPs | • Ransomware deployment • Exfiltration of sensitive data • Leak site publication of stolen data |
Attribution | • RansomHub ransomware group |
Recommendations | • Change passwords and use strong, unique ones. • Enable two-factor authentication (2FA), preferably with a FIDO2 device. • Monitor identity and stay vigilant for phishing attacks. • Consider not storing card details. |
Source | Malwarebytes |
Read full article: https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack
The above summary has been generated by an AI language model