Norton Healthcare Confirms ALPHV May Ransomware Attack

In a public notification, Norton Healthcare disclosed that the May security incident had compromised sensitive data belonging to patients, former and current employees, and dependants.

Based in Louisville, Kentucky (US), Norton Healthcare is a leading provider of medical care and health services across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky. It

‘’On May 9, 2023, Norton Healthcare discovered that it was experiencing a cybersecurity incident, later determined to be a ransomware attack,’’ Norton revealed.

On confirming the cyberattack, the healthcare provider notified federal law enforcement, and engaged a leading forensic security provider to investigate the incident.

Its investigation revealed that certain network storage devices were accessed by an unauthorized threat actor between May 7, and May 9, 2023, respectively.

Although the hackers were unable to access its healthcare’s medical record system or Norton MyChart; sensitive personal information, including name contact details, Social Security Number, date of birth, health data, insurance information, and medical identification numbers were accessed.

In case of certain individuals, information like, financial account numbers, driver’s licenses or other government ID numbers, and digital signatures were also exposed.

Norton Healthcare says that in addition to bolstering its security systems, it will also provide 2-year complimentary credit monitoring and identity protection services to impacted individuals.

While the healthcare provider didn’t call it a ransomware attack, notorious ALPHV (BlackCat) took responsibility for the attack in late May, claiming to have stolen 4.7TB of company data. Furthermore, as proof of its claim, the gang posted dozens of files, including images of checks and bank statements, Social Security number, and other personal information.

In the breach filing with the US HHS’ Office for Civil Rights, Norton Healthcare disclosed that 501 individuals were impacted. But the incident report filed with the Office of the Maine Attorney General suggests the number to be 2.5 million.