| Category | Details |
|---|---|
| Threat Actors | RansomHub ransomware group |
| Campaign Overview | • Attack on BayMark Health Services between September 24, 2024 and October 14, 2024. • Attackers accessed and exfiltrated personal and health data. • Data was published on RansomHub leak site. |
| Target Regions (or Victims) | BayMark Health Services (North America) |
| Methodology | • RansomHub exfiltrated 1.5 TB of sensitive data. • Attackers utilized ransomware tactics, and BayMark did not pay the ransom. |
| Product Targeted | Personal and health data of patients |
| Malware Reference | RansomHub ransomware |
| Tools Used | • Ransomware (RansomHub) |
| Vulnerabilities Exploited | • Unauthorized access to files on BayMark’s systems |
| TTPs | • Ransomware deployment • Exfiltration of sensitive data • Leak site publication of stolen data |
| Attribution | • RansomHub ransomware group |
| Recommendations | • Change passwords and use strong, unique ones. • Enable two-factor authentication (2FA), preferably with a FIDO2 device. • Monitor identity and stay vigilant for phishing attacks. • Consider not storing card details. |
| Source | Malwarebytes |

Read full article: https://www.malwarebytes.com/blog/news/2025/01/baymark-health-services-sends-breach-notifications-after-ransomware-attack

The above summary has been generated by an AI language model.



