Rhysida claims responsibility for attacks on two U.S. health systems: Prospect Medical Holdings, Singing River Health
On August 3, Prospect Medical Holdings disclosed a ransomware attack that affected some of its 16 hospitals and 10 clinics, including three hospitals in Connecticut and hospitals run by Crozer Health. Although they have made some progress with recovery, a note on their website today states, “Prospect Medical Holdings, along with all Prospect Medical facilities, is experiencing a systemwide outage. We are working to resolve the issue as soon as possible and regret any inconvenience.”
For its part, Rhysida ransomware gang claimed responsibility for the attack, stating, “They kindly provided: more than 500000 SSN, passports of their clients and employees, driver’s licenses, patient files (profile, medical history), financial and legal documents!!! If you are interested in our partner’s confidential documents, you will be able to purchase them too!!! Total 1TB unique files, as well as 1.3TB SQL database.”
By the end of the month, a second health system, Singing River Health System in Mississippi, was also added to Rhysida’s leak site with proof.
Singing River provides a systems update page about their recovery from the attack.