There has been a handover of patient data stolen by the notorious LockBit gang from a cloud computing company to a New York hospital alliance that is partnered with that company. There was a lawsuit filed by the North Star Health Alliance - a group of hospitals - in November in the hopes of forcing LockBit to return the patient data cybercriminals had stolen from the hospitals and kept on the Massachusetts vendor's servers.
The lawsuit was filed by North Star Health Alliance in November as a legal manoeuvre to force LockBit to return the patient data. There has been a lawsuit filed against unknown members of the LockBit group by a healthcare alliance of two hospitals and an orthopaedic group in upstate New York.
However, the suit is a legal move designed to make a Massachusetts-based cloud services vendor turn over patient data stolen from hospitals and allegedly stored on the cloud service vendor's servers to force the gang to hand over the data.
It is said by David Hoffman, general counsel of Claxton-Hepburn Medical Center, which recently filed a lawsuit against ransomware gang LockBit, that the ubiquity and anonymity of cryptocurrencies are driving economic, legal, and ethical challenges that place healthcare organizations at risk from cybercriminals.
Despite their claims, the lawsuit asserts that the defendants "conspired to commit complex cybercrime and move stolen goods around the world." The lawsuit claims that the defendants' identities "are unknown at the moment, as they have perpetrated the subject scheme in secrecy and by using the internet."
As part of the legal action against the hackers, the hospital group was able to serve a subpoena upon Boston-based cloud-based storage company Wasabi Technologies for the delivery of the data LockBit claimed to have stolen last summer from the hospital group. The cybercriminals allegedly stored the data on Wasabi's servers, according to court documents, which were then turned over to LockBit.
There is an injunction sought by North Star Health Alliance to prevent the use, transfer or duplication of the exfiltrated data. According to the complaint, all copies of the stolen data must be destroyed after they have been returned to the hospital group, as well as all other copies being destroyed.
It is reported by the hospitals that they needed access to the data to be able to identify individuals whose information could potentially be compromised as a result of the breach.
It was announced recently that Wasabi Technologies turned over data stolen from LockBit and stored on its servers to North Star Health Alliance, which was a member of the North Star Health Alliance that has been affected by the August attack, said David Hoffman, general counsel for Claxton-Hepburn Medical Center.
ISMG was notified by Wasabi that the firm is committed to ensuring that all regulatory requests related to the company are answered as soon as possible. The policy of the firm is to refrain from commenting on ongoing legal matters.
According to the lawsuit, around August 30, when a hacker gained access to Wasabi's cloud server owned and operated by the hospital group, the data was stolen from the hospital group's IT infrastructure and transferred to a server owned and operated by Wasabi. A data breach occurred.
As per a statement posted on Carthage Area Hospital's Facebook page on Sept. 6, North Star Health Alliance members have been required to reschedule a variety of outpatient appointments as a result of a cybersecurity incident that they were dealing with.
There is a requirement in the finance sector to prove that companies understand their customers. This applies to regulations - such as those regarding cryptocurrency exchanges - he explained. The cloud providers should be obligated to meet these types of requirements to prevent the storage of stolen information, the operation of hostile scanners and the distribution of malware out of domestic data centres, or other types of information security threats, etc., in the cloud.
In addition to raising potential legal concerns for technology vendors seeking a way to avoid getting unknowingly entangled in cybercrime committed by their clients, Dave Bailey, vice president at privacy and security consultancy Clearwater, believes the North Star Health Alliance case also raises illegal concerns, which could cause vendors legal problems.
To provide care and perform vital mission-critical functions, healthcare organizations are increasingly depending on online platforms for the collection and use of personal data. It should be noted however, that cybercriminals will continue to exploit gaps in the security of governments to steal personal information and profit from it.
In the end, this can have adverse effects on the organization's business operations, resulting in poor health services and ultimately a decline in performance.
Healthcare providers and facilities should demonstrate prompt responsiveness to minimize potential damages swiftly.
Additionally, it is imperative to establish comprehensive, integrated preventative measures to safeguard data and uphold continuous business operations. Healthcare organizations stand to gain considerable advantages from the implementation of multi-layered detection and recovery systems.
These systems aid in the identification and prevention of vulnerabilities and malware, mitigating the risk of exploitation and transmission to various data endpoints, including corporate networks, medical devices, company mobiles, and others.
In the event of security incidents, such as data breaches, healthcare organizations must possess the capability to assess their impact accurately. Furthermore, they are obligated to promptly notify law enforcement and the relevant authorities. Simultaneously, it is essential to enact a well-defined action plan to address the needs of affected patients and individuals, ensuring a comprehensive and effective response to security breaches.
