270,000 patients are affected by the Louisiana hospital ransomware attack

Listen to this article

The Lake Charles Memorial Health System (LCMHS) is sending out notices of a data breach affecting almost 270,000 people who have received care at one of its medical centers.

LCMHS is the largest medical complex in Lake Charles, Louisiana, comprising a 314-bed hospital, a 54-bed women’s hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured citizens.

According to the announcement posted on the LCMHS site, the cybersecurity incident occurred on October 21, 2022, when the organization’s security team detected unusual activity on the computer network.

An internal investigation concluded on October 25, 2022 revealed that hackers had gained unauthorized access to LCMHS’ network and then stole sensitive files.

These files contained patient information such as:

Full names
Physical addresses
Dates of birth
Medical records
Patient identification numbers
Health insurance information
Payment information
Limited clinical information regarding the received care
Social Security numbers (in some cases)
LCMHS’ announcement clarifies that its electronic medical records were out of reach for the network intruders.

“Beginning December 23, 2022, we are mailing letters to patients whose information may have been involved in this incident,” reads the notification.

“We are offering individuals whose Social Security number may have been included with complimentary credit monitoring and identity theft protection services. Patients are encouraged to review statements from their health insurer and healthcare providers, and to contact them immediately if they see any services they did not receive.” – LCMHS
LCMHS reported the incident to the secretary of the U.S. Department of Health and Human Services (HHS). The portal for healthcare-related breaches now reports that 269,752 individuals have been impacted by the incident.

Hive ransomware claims the attack
The Hive ransomware group listed LCMHS on its data leak site on November 15, 2022, a step that typically comes after failed negotiations for paying a ransom.

Interestingly, the hackers claim that the encryption took place on October 25, 2022, four days after LCMHS reported the first detection of the network intrusion.

Hive lists LCMHS on its Tor site
LCMHS breach published on Hive ransomware data leak site
source: BleepingComputer
Hive has also published the files allegedly stolen after breaching LCMHS systems.

The listed files include bills of materials, cards, contracts, medical info, papers, medical records, scans, residents, and more. BleepingComputer could not confirm if these files are authentic or not.

If you have received care on LCMHS in the past, it is recommended to stay vigilant for incoming communications asking you to give away personal information and payment data.

Also, you should monitor your bank statements and report any suspicious transactions to your bank immediately.

Buy Me a Coffee