Norton Healthcare Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

In May 2023, Norton Healthcare Inc., a Kentucky-based health system, experienced a significant ransomware attack that impacted approximately 2.5 million individuals, including patients, employees, and their dependents. The breach was discovered on May 9, 2023, after Norton Healthcare identified suspicious activity within its network on May 7, 2023. The attack led to delays in network-related actions and longer wait times for services. The compromised data included a wide range of sensitive information such as names, contact information, Social Security numbers, dates of birth, health information, insurance information, and medical identification numbers. For some individuals, driver’s license numbers, financial account information, and digital signatures were also exposed[1][2][3].

Following the discovery of the breach, Norton Healthcare initiated an investigation with the assistance of external cybersecurity experts. This investigation concluded in mid-November 2023, and Norton Healthcare began notifying affected individuals via postal mail on December 8, 2023. To mitigate the impact of the breach, Norton Healthcare is offering complimentary credit monitoring and identity protection services for 24 months to those affected[2][3].

The ransomware attack was claimed by a hacker group known as BlackCat, which also goes by ALPHV. This group claimed responsibility for the attack a few weeks after it occurred, stating that they had stolen 4.7TB of data from Norton Healthcare’s systems and demanded payment to prevent the release of the information on the dark web. Norton Healthcare has stated that it did not pay the ransom demanded by the hackers[1][9].

The breach has led to several lawsuits seeking class-action status against Norton Healthcare, with allegations that the health system failed to adequately protect sensitive data and did not provide timely notification to those affected. One of the lawsuits was filed by a former employee, Lanisha Malone, who alleges that Norton Healthcare knew significantly more details about the breach than what was disclosed to victims. The lawsuit claims that victims of the breach may face further exploitation, such as identity theft or fraud, due to the stolen data[3].

Norton Healthcare has stated that it is enhancing its security safeguards in response to the attack and has not detected any additional indicators of compromise since restoring its systems from backups on May 10, 2023. The health system has also been working with federal law enforcement to investigate the breach and terminate unauthorized access[2][6][17].

This incident highlights the ongoing threat of ransomware attacks against healthcare organizations and the importance of robust cybersecurity measures to protect sensitive patient and employee data.

Citations:

  1. https://www.wdrb.com/news/business/norton-healthcare-data-breach-victims-begin-receiving-notice/article_2a7113c2-9eaf-11ee-b0b1-575b93108c55.html
  2. https://nortonhealthcare.com/news/norton-healthcare-network-update/
  3. https://www.paubox.com/news/norton-healthcare-provides-notice-of-breach-impacting-2.5-million
  4. https://lifelock.norton.com
  5. https://www.hipaajournal.com/norton-healthcare-data-breach/
  6. https://healthitsecurity.com/news/kentucky-health-system-confirms-ransomware-attack-impacting-2.5m-individuals
  7. https://www.dea.gov
  8. https://spectrumnews1.com/ky/louisville/news/2023/12/22/attorney-weighs-in-on-norton-cyber-attack-letter
  9. https://www.bleepingcomputer.com/news/security/norton-healthcare-discloses-data-breach-after-may-ransomware-attack/
  10. https://www.thomsonreuters.com/en.html
  11. https://www.prnewswire.com/news-releases/privacy-alert-norton-healthcare-faces-class-action-investigation-for-data-breach-impacting-2-5-million-patient-and-employee-records-302018795.html
  12. https://www.idstrong.com/sentinel/ransomware-kentucky-healthcare-network-data-exposed/
  13. https://discover.castlebranch.com
  14. https://www.whas11.com/article/news/health/norton-healthcare-data-breach/417-6301382c-8c7e-4cd4-a088-9c93372f4e6e
  15. https://www.wdrb.com/wdrb-investigates/norton-healthcare-employee-patient-information-exposed-in-hack/article_f0c596c2-1121-11ee-831d-7fd11870c9b4.html
  16. https://atriaseniorliving.com
  17. https://www.wdrb.com/news/norton-healthcare-says-2-5-million-people-potentially-impacted-by-ransomware-attack/article_010bc1ce-9925-11ee-bc8a-f318ac656cd7.html
  18. https://www.modernhealthcare.com/digital-health/norton-health-data-breach
  19. https://www.aus.com
  20. https://www.jdsupra.com/legalnews/norton-healthcare-announces-data-breach-7184788/
  21. https://securityaffairs.com/155495/data-breach/norton-healthcare-ransomware-attack.html
  22. https://www.appalachianpower.com
  23. https://www.cybersecuritydive.com/news/norton-healthcare-ransomware-attack/702140/
  24. https://www.advarra.com
Breach Submission Date Jul 07, 2023
Converted Entity Name Norton Healthcare Inc.
Converted Entity Type Healthcare Provider
State KY
Individuals Affected 501
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes