United Health Centers of San Joaquin Valley hit by Vice Society Ransomware

Ransomware gangs have begun targeting health-care organizations in their cyberattacks once more.

United Health Centers of San Joaquin Valley hit by Vice Society Ransomware
United Health Centers of San Joaquin Valley hit by Vice Society Ransomware | Image credits: Brightline Technologies

According to the Vice Society ransomware group's claims, the United Health Centers of San Joaquin Valley, a California healthcare facility, has been targeted by the gang's ransomware attacks. United Health Facilities operates approximately 20 community health facilities throughout the counties of Fresno, Kings, and Tulare, among other places.

Patients' names and birth dates, as well as insurance information, were discovered in some of the leaked files, according to Databreaches.net, who also discovered a folder containing patient files from 2012 that had fallen behind on their accounts and had been referred to debt collection agencies in one of the leaked files. Individuals' Social Security numbers and diagnosis information were among the personally identifiable health information (PHI) contained in such files, according to Hipaa Journal.

It has been alleged that the Vice Society gang has already released material that they claim to have obtained during the hack on their data leak website, including protected health information on patients and their medical records (PHI).

The Vice Society ransomware gang initially appeared in the middle of 2021, and it's believed to be an offshoot of the HelloKitty malware operation, according to security experts. The group has used a variety of methods to get access to their victims' networks, including exploiting PrintNightmare flaws and other vulnerabilities in software.

Prior to encrypting files with ransomware, the organization has been accused of stealing data from victims' computers through phishing attacks. In the following days, the information is made available on the data leak website, putting the burden of proof on the victims to make a payment. According to the evidence, this appears to be yet another of those attacks.

Because of the ransomware attack, the health facilities had to shut down the entire network

United Health Centers' whole network was taken down as a result of the ransomware attack, according to Bleeping Computer, which received an alarm from a reputable member of the cybersecurity community on August 31, 2021.

There have been no announcements regarding the issue on either the United Health Centers or the California Attorney General's websites, and no information about the event has been posted on the HHS Office for Civil Rights Breach Portal. Under HIPAA, firms that are subject to the law have 60 days to notify the public of a data breach.

According to a source at Bleeping Computer, the attack substantially impacted the healthcare provider's information technology infrastructure, however, backups were unharmed by the attack. United Health Centers appears to have begun re-imaging machines and restoring data from backups, according to reports. In conjunction with the data leak, this indicates that the ransom was not paid.

Whether United Health Centers has responded to the attack reports from Bleeping Computer and Databreaches.net is currently unknown at this time.

Vice Society, on the other hand, does not fall into the category of ransomware-as-a-service operations, which restricts the industries that can be targeted and avoids the healthcare industry entirely in their operations. It directs around one-fifth of its attacks on the healthcare business.