Norton Healthcare Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
In May 2023, Norton Healthcare Inc., a Kentucky-based health system, experienced a significant ransomware attack that impacted approximately 2.5 million individuals, including patients, employees, and their dependents. The breach was discovered on May 9, 2023, after Norton Healthcare identified suspicious activity within its network on May 7, 2023. The attack led to delays in network-related actions and longer wait times for services. The compromised data included a wide range of sensitive information such as names, contact information, Social Security numbers, dates of birth, health information, insurance information, and medical identification numbers. For some individuals, driver’s license numbers, financial account information, and digital signatures were also exposed[1][2][3].
Following the discovery of the breach, Norton Healthcare initiated an investigation with the assistance of external cybersecurity experts. This investigation concluded in mid-November 2023, and Norton Healthcare began notifying affected individuals via postal mail on December 8, 2023. To mitigate the impact of the breach, Norton Healthcare is offering complimentary credit monitoring and identity protection services for 24 months to those affected[2][3].
The ransomware attack was claimed by a hacker group known as BlackCat, which also goes by ALPHV. This group claimed responsibility for the attack a few weeks after it occurred, stating that they had stolen 4.7TB of data from Norton Healthcare’s systems and demanded payment to prevent the release of the information on the dark web. Norton Healthcare has stated that it did not pay the ransom demanded by the hackers[1][9].
The breach has led to several lawsuits seeking class-action status against Norton Healthcare, with allegations that the health system failed to adequately protect sensitive data and did not provide timely notification to those affected. One of the lawsuits was filed by a former employee, Lanisha Malone, who alleges that Norton Healthcare knew significantly more details about the breach than what was disclosed to victims. The lawsuit claims that victims of the breach may face further exploitation, such as identity theft or fraud, due to the stolen data[3].
Norton Healthcare has stated that it is enhancing its security safeguards in response to the attack and has not detected any additional indicators of compromise since restoring its systems from backups on May 10, 2023. The health system has also been working with federal law enforcement to investigate the breach and terminate unauthorized access[2][6][17].
This incident highlights the ongoing threat of ransomware attacks against healthcare organizations and the importance of robust cybersecurity measures to protect sensitive patient and employee data.
Citations:
- https://www.wdrb.com/news/business/norton-healthcare-data-breach-victims-begin-receiving-notice/article_2a7113c2-9eaf-11ee-b0b1-575b93108c55.html
- https://nortonhealthcare.com/news/norton-healthcare-network-update/
- https://www.paubox.com/news/norton-healthcare-provides-notice-of-breach-impacting-2.5-million
- https://lifelock.norton.com
- https://www.hipaajournal.com/norton-healthcare-data-breach/
- https://healthitsecurity.com/news/kentucky-health-system-confirms-ransomware-attack-impacting-2.5m-individuals
- https://www.dea.gov
- https://spectrumnews1.com/ky/louisville/news/2023/12/22/attorney-weighs-in-on-norton-cyber-attack-letter
- https://www.bleepingcomputer.com/news/security/norton-healthcare-discloses-data-breach-after-may-ransomware-attack/
- https://www.thomsonreuters.com/en.html
- https://www.prnewswire.com/news-releases/privacy-alert-norton-healthcare-faces-class-action-investigation-for-data-breach-impacting-2-5-million-patient-and-employee-records-302018795.html
- https://www.idstrong.com/sentinel/ransomware-kentucky-healthcare-network-data-exposed/
- https://discover.castlebranch.com
- https://www.whas11.com/article/news/health/norton-healthcare-data-breach/417-6301382c-8c7e-4cd4-a088-9c93372f4e6e
- https://www.wdrb.com/wdrb-investigates/norton-healthcare-employee-patient-information-exposed-in-hack/article_f0c596c2-1121-11ee-831d-7fd11870c9b4.html
- https://atriaseniorliving.com
- https://www.wdrb.com/news/norton-healthcare-says-2-5-million-people-potentially-impacted-by-ransomware-attack/article_010bc1ce-9925-11ee-bc8a-f318ac656cd7.html
- https://www.modernhealthcare.com/digital-health/norton-health-data-breach
- https://www.aus.com
- https://www.jdsupra.com/legalnews/norton-healthcare-announces-data-breach-7184788/
- https://securityaffairs.com/155495/data-breach/norton-healthcare-ransomware-attack.html
- https://www.appalachianpower.com
- https://www.cybersecuritydive.com/news/norton-healthcare-ransomware-attack/702140/
- https://www.advarra.com