Lehigh Valley Health Network (blackcat)

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

In early 2023, the Lehigh Valley Health Network (LVHN), a prominent healthcare organization in Pennsylvania, became the target of a significant cybersecurity breach orchestrated by a ransomware gang known as BlackCat, which has been associated with Russia. This cyberattack specifically impacted the Lehigh Valley Physician Group (LVPG) – Delta Medix, leading to the unauthorized access and potential theft of sensitive patient information. The breach was first detected on February 6, 2023, with the actual breach occurring on January 8, 2023[1][10].

The BlackCat group, known for its sophisticated ransomware attacks, notably the first ransomware family written in the Rust programming language, demanded a ransom from LVHN. However, LVHN refused to comply with the ransom demands[4]. Despite the refusal to pay the ransom, the attack did not disrupt LVHN’s operations significantly[2][4]. The healthcare network, which includes eight hospital campuses and numerous other health facilities across Pennsylvania, took immediate action by launching an investigation, engaging cybersecurity experts, and notifying law enforcement[4].

The consequences of the breach were severe, with stolen documents and images of cancer patients being posted on the dark web. This included three photos of cancer patients receiving radiation oncology treatment and seven other documents containing patient information[5]. The leaked information was particularly sensitive, involving clinically appropriate photographs used for radiation oncology treatment among other personal data[8].

In response to the incident, LVHN has been working diligently to evaluate the scope of the breach and identify the individuals whose information was compromised. This process has been described as complex and labor-intensive due to the nature of the unstructured data involved[1]. LVHN has also taken steps to enhance its cybersecurity defenses and has offered affected individuals 24 months of complimentary subscription to Experian’s® IdentityWorks℠ for identity monitoring services[10].

The breach has led to legal repercussions for LVHN, with a lawsuit filed against the health network over its failure to protect sensitive patient information. The lawsuit, initiated by a cancer patient on behalf of others affected by the breach, alleges that the data breach was preventable and has caused significant damage to the victims[6]. The lawsuit criticizes LVHN for prioritizing financial considerations over patient privacy by refusing to pay the ransom, thereby allowing the sensitive images to be posted online[6].

This incident underscores the growing threat of ransomware attacks on healthcare organizations, highlighting the importance of robust cybersecurity measures and the ethical dilemmas involved in responding to ransom demands. LVHN’s experience with the BlackCat ransomware attack serves as a cautionary tale for other healthcare providers about the potential risks and consequences of cyberattacks[4][5][6].

Citations:

  1. https://www.lvhn.org/news/lehigh-valley-health-network-issues-cyber-incident-notification
  2. https://www.lvhn.org/news/message-brian-nester-do-mba-president-and-ceo-lehigh-valley-health-network
  3. https://www.hipaajournal.com/lehigh-valley-health-network-sued-after-ransomware-gang-publishes-nude-patient-images/
  4. https://www.bitdefender.com/blog/hotforsecurity/blackcat-hackers-denied-ransom-in-attack-on-leigh-valley-health-network/
  5. https://6abc.com/lehigh-valley-health-network-cyberattack-dark-web-stolen-documents/12926619/
  6. https://www.wfmz.com/news/area/lehighvalley/lawsuit-filed-against-lvhn-over-cyberattack-says-health-network-failed-to-protect-sensitive-information/article_eb3bb15e-c1e5-11ed-ae11-4b470460bf92.html
  7. https://www.phillyburbs.com/story/news/local/2023/06/30/lehigh-valley-health-network-hit-by-blackcat-cyberattack-data-stolen/70372450007/
  8. https://therecord.media/ransomware-lehigh-valley-alphv-black-cat
  9. https://healthitsecurity.com/news/third-party-health-data-breach-hits-pennsylvania-health-network
  10. https://www.lvhn.org/lehigh-valley-health-network-cyber-incident-notification
  11. https://www.mcall.com/2023/03/07/lehigh-valley-health-network-ransomware-patient-photos-posted/
  12. https://www.lehighvalleynews.com/health-news/lvhn-discloses-information-about-data-security-incident-discovered-in-february
  13. https://www.lehighvalleylive.com/business/2023/03/gang-leaks-lehigh-valley-health-network-cancer-patient-photos-as-part-of-data-hack.html
  14. https://healthitsecurity.com/news/lehigh-valley-health-network-hit-by-blackcat-ransomware-attack
  15. https://www.beckershospitalreview.com/cybersecurity/lehigh-valley-health-network-confirms-it-was-attacked-by-ransomware-gang-blackcat.html
  16. https://www.mcall.com/2023/07/29/attorneys-in-lehigh-valley-health-network-data-breach-lawsuit-battle-over-protection-of-data-downloaded-from-dark-web/
Breach Submission Date May 15, 2023
Converted Entity Name Lehigh Valley Health Network (blackcat)
Converted Entity Type Healthcare Provider
State PA
Individuals Affected 248,359
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes