[Security News] Rhysida Ransomware Gang Claims Attacks on Prospect Medical Holdings


August 2023


1. Rhysida ransomware gang claims attacks on Prospect Medical Holdings

Prospect Medical Holdings, a fast-growing healthcare services company based in Los Angeles, California, suffered a ransomware attack on August 3 that impacted its hospitals and medical facilities across four US states. The company was forced to shut down its IT systems.

The newly emerged Rhysida ransomware gang claimed responsibility for the attack in late August. The ransomware-as-a-service (RaaS) operator said it had stolen 1 TB of documents and 1.3 TB of databases that contained corporate documents, patient records, and the Social Security Numbers of 500,000 individuals.

Prior to the claim, the US Department of Health and Human Services (HHS) issued a warning saying that Rhysida was behind the recent attacks against the healthcare sector. According to the statement, Rhysida is a relatively new RaaS group that emerged in May 2023. Although still at its initial stage, it has successfully attacked organizations across Europe, the Americas, and Australia.

Sources: SC Media, Bleeping Computer


2. Australian energy supplier Energy One suffers cyberattack impacting UK systems

Energy One, an Australia-based software supplier to the energy sector, disclosed on August 18 a cyberattack that impacted its corporate systems in both Australia and the UK. The ASX-listed company provides data management software and services to energy retailers and generators in both Australia and Europe.

Energy One had to separate its corporate systems from its customer-facing systems to prevent the attack from spreading further. The point of entry remains unknown and the company is still investigating whether personal data were affected.

Some of Energy One’s biggest customers include Good Energy in the UK, which supplies electricity and gas to over 7 million homes and has been relying on Energy One for data transfers with the National Grid.

An attack on a software supplier to critical national infrastructure can have a tremendous impact on national security, because such a supplier is directly linked to the supply of electricity, gas, water, and communications.

Sources: Computer Weekly, IT News, CSO Online


3. Data breach at French employment agency impacts 10 million jobseekers

Pôle emploi, the national employment agency of France, disclosed a data breach incident that impacted the personal information of up to 10 million people.

Impacted individuals include 6 million people who registered with the agency in February 2022, as well as another 4 million people who had unregistered within the previous 12 months. Exposed data included names, employment status, and social security numbers. The agency gave assurances that contact information, passwords, and financial information were not exposed.

The data breach is linked to Majorel, the agency’s contractor for processing jobseeker data. Majorel is one of the victims of the MOVEit hack, which has impacted nearly 1,000 organizations worldwide so far.

Sources: Infosecurity, Security Affairs

