Security Affairs
Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Norton Healthcare disclosed a data breach after a ransomware attack

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May. Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. The security breach exposed personal information belonging to patients, employees, and dependents. The health system notified federal […]

Xsolis

Kentucky health system Norton Healthcare disclosed a data breach after it was a victim of a ransomware attack in May.

Norton Healthcare disclosed a data breach after a ransomware attack that hit the organization on May 9, 2023. The security breach exposed personal information belonging to patients, employees, and dependents. The health system notified federal law enforcement and launched an investigation into the incident with the help of a leading forensic security provider.

Norton Healthcare is a healthcare system based in Louisville, Kentucky (US). It is a leading provider of health services and medical care in the region. Norton Healthcare operates a network of hospitals, medical centers, physician practices, and other healthcare facilities.

Norton Healthcare operates more than 40 clinics and hospitals in and around Louisville, Kentucky.

“On May 9, 2023, Norton Healthcare discovered that it was experiencing a cybersecurity incident, later determined to be a ransomware attack.” reads the notice of security incident. “Our investigation determined that an unauthorized individual(s) gained access to certain network storage devices between May 7, 2023, and May 9, 2023, but did not access Norton Healthcare’s medical record system or Norton MyChart.”

Threat actors gained access to files containing personal information of patients, employees, and dependents. The compromised information varied for each person and could have included: name, contact information, Social Security Number, date of birth, health information, insurance information, and medical identification numbers.  In some instances, the exposed data may have included driver’s license numbers or other government ID numbers, financial account numbers, and digital signatures.

Norton Healthcare is offering impacted individuals two years of credit monitoring.

On May 25, 2023, the AlphV/BlackCat group claimed responsibility for the attack. BlackCat claimed to have exfiltrated 4.7 TB of data and leaked dozens of files as proof of the hack.

At the time of this writing the dark web leak site of the AlphV group is unavailable. BleepingComputer reported that the outage could be the result of a law enforcement operation.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Healthcare)