Prospect Medical Holdings has now confirmed what already seemed clear to researchers and those who check leak sites. The threat actors did get files with personal information.
Prospect Medical Holdings is confirming new details about a massive data theft from three Connecticut hospitals and others around the country in a nearly month-old cyber attack by a shadowy worldwide extortion group known as Rhysida.
In a written statement, Prospect verified the attack has knocked computer systems offline and for the first time confirmed some information has been obtained by the hackers.
Read more at CT Insider.
The Rhysida threat group’s listing on the dark web includes some proof of access and exfiltration of data. It also includes a claim:
They kindly provided: more than 500000 SSN, passports of their clients and employees, driver’s licenses, patient files (profile, medical history), financial and legal documents!!! If you are interested in our partner’s confidential documents, you will be able to purchase them too!!! Total 1TB unique files, as well as 1.3TB SQL database.