#1 Trending Cybersecurity News & Magazine
Tuesday, December 5, 2023
No Result
View All Result
The Cyber Express
  • MagazineDownload
  • Firewall Daily
    • All
    • Bug Bounty & Rewards
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    SPARRSO data breach

    Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

    GTA 6 Map Leak

    The GTA 6 Map Leaked by Rockstar Employee’s Son: What’s Disclosed?

    TrickMo Banking Trojan

    TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices this Time Around

    Vietnam Electricity data breach

    BlackCat Ransomware Strikes Ho Chi Minh City Power Corporation

    cybersecurity

    Emerging Trends and Challenges in Cybersecurity: Insights from Abul Kalam Azad

    Spyroid Rat Android RAT

    Unmasking Spyroid Rat: An In-Depth Look at the Menacing Android RAT

    MIRLE Group cyberattack

    MIRLE Group Targeted by Notorious LockBit Ransomware Group

    Cosmote Cyberattack

    Anonymous Collective Targets Greece’s Largest Mobile Operator Cosmote; Website Currently Down

    Colonial Pipeline Data Breach

    Colonial Pipeline Hit by ‘CyberNiggers’ Hacker Group, Sensitive Data for Sale on Dark Web

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    AI Security Guidelines

    Rethinking AI For Cybersecurity: The UK & US Reveals New Guidelines For AI Security

    Cyber Insurance

    Cyber Insurance and Real-Time Threat Dashboard to Mend the Gaps in Near Future

    Pledge to Stop Ransom Payment

    Pledge to Stop Ransom Payment Awaits Consensus from all Members of the CRI

    Executive Order on Artificial Intelligence

    Biden Administration’s AI Directive: A Blueprint for Ethical Use and Enhanced Cybersecurity

    Cyber Resilience

    Towards Cyber Resilience: A Data-Centric Approach to Security

    CybleGrowCon

    Cyble Partner Network GrowCon 2023: Uniting Cybersecurity Leaders

    GRC, What is GRC

    What is GRC (Governance, Risk & Compliance): A Beginner’s Guide

    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    InsureMO

    InsureMO Partners with Cyble to Revolutionize Cyber Insurance with Real-Time Threat Intelligence

    Countdown to TimeAI Summit 2023

    Countdown to TimeAI Summit 2023: Unveiling the Future of Artificial Intelligence in Dubai

    Emerging Tech Summit

    The Emerging Tech Summit – Saudi Arabia 2023

    Business Cybersecurity

    Prioritizing Business Cybersecurity Plans During Mergers and Acquisitions

    TimeAI Summit

    TimeAI Summit is Uniting Tech Giants and Visionaries in Dubai to Shape the Future of AI

    CyberDSA 2023

    CyberDSA 2023: Forging a Resilient Digital Future Through Unprecedented Collaboration

    Summit MENA 2023

    MENA Summit 2023: Exploring the Future of Digital Identity & Authentication

    Cyble Raises 24 Million in Series B Funding

    Cyble Raises 24 Million in Series B Funding: Leveraging AI and Threat Intelligence to Revolutionize Cybersecurity

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin
SUBSCRIBE
  • MagazineDownload
  • Firewall Daily
    • All
    • Bug Bounty & Rewards
    • Dark Web News
    • Data Breach News
    • Hacking News
    • Ransomware News
    • Vulnerabilities
    SPARRSO data breach

    Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

    GTA 6 Map Leak

    The GTA 6 Map Leaked by Rockstar Employee’s Son: What’s Disclosed?

    TrickMo Banking Trojan

    TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices this Time Around

    Vietnam Electricity data breach

    BlackCat Ransomware Strikes Ho Chi Minh City Power Corporation

    cybersecurity

    Emerging Trends and Challenges in Cybersecurity: Insights from Abul Kalam Azad

    Spyroid Rat Android RAT

    Unmasking Spyroid Rat: An In-Depth Look at the Menacing Android RAT

    MIRLE Group cyberattack

    MIRLE Group Targeted by Notorious LockBit Ransomware Group

    Cosmote Cyberattack

    Anonymous Collective Targets Greece’s Largest Mobile Operator Cosmote; Website Currently Down

    Colonial Pipeline Data Breach

    Colonial Pipeline Hit by ‘CyberNiggers’ Hacker Group, Sensitive Data for Sale on Dark Web

    Trending Tags

    • blackbyte ransomware
    • Ransomware
    • lapsus$ ransomware
    • Apple
    • Apple vulnerability
  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    AI Security Guidelines

    Rethinking AI For Cybersecurity: The UK & US Reveals New Guidelines For AI Security

    Cyber Insurance

    Cyber Insurance and Real-Time Threat Dashboard to Mend the Gaps in Near Future

    Pledge to Stop Ransom Payment

    Pledge to Stop Ransom Payment Awaits Consensus from all Members of the CRI

    Executive Order on Artificial Intelligence

    Biden Administration’s AI Directive: A Blueprint for Ethical Use and Enhanced Cybersecurity

    Cyber Resilience

    Towards Cyber Resilience: A Data-Centric Approach to Security

    CybleGrowCon

    Cyble Partner Network GrowCon 2023: Uniting Cybersecurity Leaders

    GRC, What is GRC

    What is GRC (Governance, Risk & Compliance): A Beginner’s Guide

    Facial Recognition Ban

    New York State Education Department Bans Facial Recognition Scans in Schools

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    US Cybersecurity Regulations: Tracing the Past and Predicting the Future

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • All
    • Appointments
    • Budgets
    • Mergers & Aquisitions
    • Partnerships
    • Press Release
    • Startups
    InsureMO

    InsureMO Partners with Cyble to Revolutionize Cyber Insurance with Real-Time Threat Intelligence

    Countdown to TimeAI Summit 2023

    Countdown to TimeAI Summit 2023: Unveiling the Future of Artificial Intelligence in Dubai

    Emerging Tech Summit

    The Emerging Tech Summit – Saudi Arabia 2023

    Business Cybersecurity

    Prioritizing Business Cybersecurity Plans During Mergers and Acquisitions

    TimeAI Summit

    TimeAI Summit is Uniting Tech Giants and Visionaries in Dubai to Shape the Future of AI

    CyberDSA 2023

    CyberDSA 2023: Forging a Resilient Digital Future Through Unprecedented Collaboration

    Summit MENA 2023

    MENA Summit 2023: Exploring the Future of Digital Identity & Authentication

    Cyble Raises 24 Million in Series B Funding

    Cyble Raises 24 Million in Series B Funding: Leveraging AI and Threat Intelligence to Revolutionize Cybersecurity

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    Alarming 66% Quarterly Growth in Ransomware Attacks Notes Cyble’s Q2-2023 Ransomware Report

    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • EventsCyberCon
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • ProductsTools
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Firewall Daily Data Breach News

Norton Healthcare Cyber Attack: ALPHV/BlackCat Posts Ransom Note

Weeks after Norton Healthcare announced that it got a suspicious message about its network on May 9, the ALPHV/BlackCat ransomware group claimed that it attacked the healthcare

Vishwa Pandagle by Vishwa Pandagle
May 26, 2023 - Updated on July 7, 2023
in Data Breach News, Firewall Daily
0
Norton Healthcare Cyber Attack: ALPHV/BlackCat Posts Ransom Note
787
SHARES
4.4k
VIEWS
Share on LinkedInShare on Twitter

Weeks after the first update on the Norton Healthcare cyber attack came, the ALPHV/BlackCat ransomware group disclosed that it was a ransomware attack.

Norton Healthcare earlier announced a “cyber-incident” after it got a suspicious message on May 9. Threat intelligence researcher Brett Callow posted the following blurred screenshot of the leaked data from the Norton Healthcare cyber attack.

You might also like

India’s Income Tax Department Data Breach: Threat Actor Sets Price for Access

The Man Behind the Arlington Explosion: Ex-Telecom Security Chief Suspected

Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

Norton Healthcare cyber attack

Norton Healthcare Cyber Attack
Screenshot from ALPHV leak site (Photo: Brett Callow/ Twitter)

ALPHV wrote on its leak site that the time given to Norton executives and board members was exhausted wherein they did not try to protect the privacy of their clients and employees. “They’re making false statements in the recent news and lying people that they’ve received fax….”

The ransomware group said that they would destroy all the exfiltrated data and give them a detailed security report, from the Norton Healthcare cyber attack.

The ransomware group made a rant about the officials of Norton Healthcare getting sued for their irresponsibility in risking patient data, that they stole in the Norton ransomware attack.

The group exfiltrated photos, millions of SSN records, 25,0000 employee data, clinical imaging data, etc. The ALPHV post extended the ransom payment deadline another week following which if their demands were not met, they will leak the data.

This was the group’s last warning for Norton Healthcare.

History of the Norton Healthcare cyber attack

The Norton Healthcare cyber attack came to light on May 10, when the company announced on Facebook about an IT disruption that affected its services.

Norton healthcare cyber attack

Disrupted services from the Norton Healthcare cyber attack were Norton eCare and Norton My Chart, the healthcare service’s electronic medical records software.

Two days later, Norton Healthcare disclosed on Facebook that it was indeed a cyber attack.

Norton healthcare cyber attack

“Although- our review is ongoing, an initial analysis confirms Norton Health care was the victim of a cyber-event.” They confirmed that medical practices and other facilities were open while caregivers maintained the required protocols in the absence of accessible systems.

Further updates on the Norton Healthcare cyber attack came with a May 16 notification on Facebook, which disclosed that the cyber attack happened on May 9, following which their IT systems had to be taken offline.

“Why is no one talking about all of the non-elective, time-sensitive surgeries that are being canceled or not scheduled? No images being read, no imaging available for before, after or during surgeries,” a Facebook user responded.

Other details about the Norton Healthcare cyberattack

Several patients spoke up about delayed healthcare services for reports and results due to the Norton Healthcare cyber attack.

The last alert made by the healthcare today assured that they were closer to resuming all operations and bringing the systems back online.

According to the healthcare’s news release updated on May 24, the following services were impacted by the Norton Healthcare cyber attack:

  • Same-day appointment for illnesses or minor injury
  • Emergency care
  • Some procedures including exams and appointments were required to be rescheduled.
  • Sharing test results and images
  • Prescription refill
  • Online payments for Norton MyChart

“We want to let the community know that we know that our processes are a little bit different now. They’re a bit different so that care can continue,” a WDRB report on May 24 cited Renee Murphy, Norton Healthcare’s chief marketing and communications officer.

“What happened to us in the cyber event, again, was something that happened to us and we’ve responded accordingly in a way that care can continue,” he said.

It is not clear how much data was exfiltrated and the sum ALPHV ransomware group has demanded for data stolen from the Norton Healthcare cyber attack. The Cyber Express reached out to the healthcare and we will update this report as we receive a response from them.

Norton Healthcare serves nearly 600,000 patients across Louisville, a year. It has $4.7 billion worth of assets with five hospitals, eight outpatient centers, 18 urgent care clinics, and 289 doctor’s offices.

BlackCat ransomware and US healthcare

ALPHV/BlackCat ransomware group is among the top three ransomware gangs by the number of victims till date. Healthcare sector continues to be one of its preferred targets.

The Health Sector Cybersecurity Coordination Center of the US Department of Health and Human Services in January alerted about the BlackCat ransomware group’s operations in the healthcare sector, particularly its triple extortion tactic.

This means that in addition to encrypting data and demanding a ransom, the group also threatens to leak the data and launch distributed denial-of-service attacks if the ransom is not paid.

BlackCat is believed to have emerged from Darkside and BlackMatter, and is connected to former members of the REvil group.

BlackCat has demanded ransom payments as high as $1.5 million, with affiliates retaining 80% to 90% of the extortion payments. The group frequently updates its tooling and arsenal as they undergo testing and usage cycles, making it a dynamic and evolving threat.

Security researchers have identified instances where BlackCat attackers have utilized a PowerShell command to download Cobalt Strike beacons on affected systems, as well as a penetration testing tool called Brute Ratel, which exhibits remote access features similar to Cobalt Strike.

The encryption methods employed by BlackCat include ChaCha20 and AES, along with six encryption modes: Full, HeadOnly, DotPattern, SmartPattern, AdvancedSmartPattern, and Auto.

BlackCat’s latest ransomware variant, developed in the memory-safe and cross-platform programming language Rust, provides the group with enhanced flexibility and capabilities.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: ALPHV Ransomware Grouphealthcare cyberattackNorton Healthcare ransomware attackThe Cyber ExpressThe Cyber Express News
Previous Post

All You Need to Know About The Nokoyawa Ransomware Group

Next Post

Linux Devices Attacked Via a Mirai Botnet Variant ‘IZ1H9’

Vishwa Pandagle

Vishwa Pandagle

Related Posts

Income Tax Department of India
Data Breach News

India’s Income Tax Department Data Breach: Threat Actor Sets Price for Access

by Samiksha Jain
December 5, 2023
James Yoo
Cybersecurity News

The Man Behind the Arlington Explosion: Ex-Telecom Security Chief Suspected

by Samiksha Jain
December 5, 2023
SPARRSO data breach
Firewall Daily

Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

by Ashish Khaitan
December 5, 2023
GTA 6 Map Leak
Firewall Daily

The GTA 6 Map Leaked by Rockstar Employee’s Son: What’s Disclosed?

by Ashish Khaitan
December 5, 2023
TrickMo Banking Trojan
Dark Web News

TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices this Time Around

by Editorial
December 5, 2023
Next Post
Mirai botnet cyber attack

Linux Devices Attacked Via a Mirai Botnet Variant 'IZ1H9'

Latest Issue is Out. Subscribe Now

Cybersecurity Magazine



Follow Us On Google News

Latest Cyber News

SPARRSO data breach
Firewall Daily

Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

December 5, 2023
GTA 6 Map Leak
Firewall Daily

The GTA 6 Map Leaked by Rockstar Employee’s Son: What’s Disclosed?

December 5, 2023
TrickMo Banking Trojan
Dark Web News

TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices this Time Around

December 5, 2023
Vietnam Electricity data breach
Firewall Daily

BlackCat Ransomware Strikes Ho Chi Minh City Power Corporation

December 4, 2023

Categories

Web Stories

Top 10 CISOs to Follow in 2023
Top 10 CISOs to Follow in 2023
Top 10 Ransomware Gangs in 2023
Top 10 Ransomware Gangs in 2023
Top 5 IoT Security Risks in 2023
Top 5 IoT Security Risks in 2023
Top 10 CTF Platforms in 2023
Top 10 CTF Platforms in 2023
Types of Risks Covered by Cyber Insurance
Types of Risks Covered by Cyber Insurance

About

The Cyber Express by Cyble

#1 Trending Cybersecurity News and Magazine

The Cyber Express  by Cyble is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

 

Contact

For editorial queries: [email protected]

For marketing and Sales: [email protected]

For Events & Conferences related information: [email protected]

 

Quick Links

  • About Us
  • Advertise With Us
  • Contact Us
  • Editorial Calendar

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

 

India Office:

Cyber Express Media Network
HD-021, 4th Floor, C Wing, Building No.4. Nesco IT Park, WE Highway, Goregaon East, Mumbai, Maharashtra, India – 4000063

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News
  • Privacy Statement
  • Terms of Use
  • Write For Us

© 2023 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Magazine
  • Firewall Daily
  • Essentials
    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • World CyberCon India 2023
    •  Cyber Security Webinar
    • Endorsed Events
  • Products
    • Cyble Vision
    • Cyble Hawk (LEA, Govt.)
    • Am I Breached
    • Cyble Odin

© 2023 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
Top 10 CISOs to Follow in 2023 Top 10 Ransomware Gangs in 2023 Top 5 IoT Security Risks in 2023 Top 10 CTF Platforms in 2023 Types of Risks Covered by Cyber Insurance