An assisted living services provider in Maryland revealed a data security incident in which attackers encrypted some of its information.
In an update posted to its website, Lorien Health Services revealed that the security incident had occurred back on June 6. As quoted from its statement:
Upon detecting the incident, Lorien immediately engaged a team of cybersecurity experts to assist with its response and to determine whether any personal information may have been accessed during the incident. On June 10, 2020 the investigation determined that personal information was accessed during the incident. The information may have included residents’ names, Social Security numbers, dates of birth, addresses, and health diagnosis and treatment information.
Lorien didn’t specify the nature of the incident in its statement.
According to Bleeping Computer, the security event involved an infection at the hands of NetWalker ransomware.
The NetWalker gang made the attack known in mid-June when they published screenshots of directory listings and admission records belonging to the assisted living services provider.
At the time of writing, Bleeping Computer had found a password-protected archive containing 147 MB of Lorien’s data available for viewing on a file-sharing service.
NetWalker has a history of attacking healthcare organizations. In March 2020, for instance, the website for a public health department in Illinois went down after the agency suffered a NetWalker ransomware attack.
The breach portal operated by the Office for Civil Rights at the U.S. Department of Health and Human Services placed the number of individuals affected by the attack at Lorien at 47,754.
In response to the security incident, Lorien Health Services explained that it began notifying residents affected by the event. Those letters included steps on how residents could help to protect their information along with an offer of a complimentary subscription to identity protection services for affected individuals.
The Maryland skilled nursing and assisted living services provider also said in its statement that it had notified the FBI about the incident and that it had set up a call center to assist victims in enrolling into an identity protection plan.