Tomcat
Professional
- Messages
- 2,689
- Reaction score
- 929
- Points
- 113
How hackers were able to stay in the networks unnoticed for a month.
The Affiliated Dermatologists (AD) dermatological clinic was the victim of a ransomware attack by the BianLian group, which resulted in the disclosure of personal data of patients and employees. The incident became known when the attackers left a note with ransom demands in the clinic's network.
On April 10, 2024, AD management determined that between March 2 and March 5, 2024, hackers gained access to the systems and copied data from the clinic's network. Among the stolen information were:
Representatives of the clinic in a letter to clients stressed that the amount of leaked information varies for each victim, and not all categories of data are present in each of them. According to the Maine Attorney General's Office, the incident affected about 373,000 people.
After detecting the attack, AD took urgent measures to disable access to their network and attracted information security specialists to restore the system. In addition, the clinic offers victims free credit monitoring and protection against identity theft.
The group, which has been active since June 2022, has already attacked various critical systems around the world. For example, in July 2024, hackers stole 300 GB of data from the French hospital CHU, and in September BianLian announced that it had hacked the IT systems of one of the world's leading non – profit organizations, presumably the international charity Save The Children International.
In addition, in March, the information security company GuidePoint Security discovered that the BianLian group exploits vulnerabilities in the JetBrains TeamCity software to conduct ransomware attacks.
The Affiliated Dermatologists (AD) dermatological clinic was the victim of a ransomware attack by the BianLian group, which resulted in the disclosure of personal data of patients and employees. The incident became known when the attackers left a note with ransom demands in the clinic's network.
On April 10, 2024, AD management determined that between March 2 and March 5, 2024, hackers gained access to the systems and copied data from the clinic's network. Among the stolen information were:
- patient names;
- dates of birth;
- addresses;
- social security numbers;
- medical records;
- Information about patient health insurance claims;
- employee driver's license and passport numbers.
Representatives of the clinic in a letter to clients stressed that the amount of leaked information varies for each victim, and not all categories of data are present in each of them. According to the Maine Attorney General's Office, the incident affected about 373,000 people.
After detecting the attack, AD took urgent measures to disable access to their network and attracted information security specialists to restore the system. In addition, the clinic offers victims free credit monitoring and protection against identity theft.
The group, which has been active since June 2022, has already attacked various critical systems around the world. For example, in July 2024, hackers stole 300 GB of data from the French hospital CHU, and in September BianLian announced that it had hacked the IT systems of one of the world's leading non – profit organizations, presumably the international charity Save The Children International.
In addition, in March, the information security company GuidePoint Security discovered that the BianLian group exploits vulnerabilities in the JetBrains TeamCity software to conduct ransomware attacks.
