Ransomware attack at Louisiana hospital impacts 270,000 patients

The Lake Charles Memorial Health System (LCMHS) is sending out notices of a data breach affecting almost 270,000 people who have received care at one of its medical centers.

LCMHS is the largest medical complex in Lake Charles, Louisiana, comprising a 314-bed hospital, a 54-bed women's hospital, a 42-bed behavioral health hospital, and a primary care clinic for uninsured citizens.

According to the announcement posted on the LCMHS site, the cybersecurity incident occurred on October 21, 2022, when the organization's security team detected unusual activity on the computer network.

An internal investigation concluded on October 25, 2022 revealed that hackers had gained unauthorized access to LCMHS' network and then stole sensitive files.

These files contained patient information such as:

  • Full names
  • Physical addresses
  • Dates of birth
  • Medical records
  • Patient identification numbers
  • Health insurance information
  • Payment information
  • Limited clinical information regarding the received care
  • Social Security numbers (in some cases)

LCMHS' announcement clarifies that its electronic medical records were out of reach for the network intruders.

"Beginning December 23, 2022, we are mailing letters to patients whose information may have been involved in this incident," reads the notification.

"We are offering individuals whose Social Security number may have been included with complimentary credit monitoring and identity theft protection services. Patients are encouraged to review statements from their health insurer and healthcare providers, and to contact them immediately if they see any services they did not receive." - LCMHS

LCMHS reported the incident to the secretary of the U.S. Department of Health and Human Services (HHS). The portal for healthcare-related breaches now reports that 269,752 individuals have been impacted by the incident.

Hive ransomware claims the attack

The Hive ransomware group listed LCMHS on its data leak site on November 15, 2022, a step that typically comes after failed negotiations for paying a ransom.

Interestingly, the hackers claim that the encryption took place on October 25, 2022, four days after LCMHS reported the first detection of the network intrusion.

Hive lists LCMHS on its Tor site
LCMHS breach published on Hive ransomware data leak site
source: BleepingComputer

Hive has also published the files allegedly stolen after breaching LCMHS systems.

The listed files include bills of materials, cards, contracts, medical info, papers, medical records, scans, residents, and more. BleepingComputer could not confirm if these files are authentic or not.

If you have received care on LCMHS in the past, it is recommended to stay vigilant for incoming communications asking you to give away personal information and payment data.

Also, you should monitor your bank statements and report any suspicious transactions to your bank immediately.

Related Articles:

London hospitals cancel over 800 operations after ransomware attack

London hospitals face blood shortage after Synnovis ransomware attack

French hospital CHC-SV refuses to pay LockBit extortion demand

Qilin ransomware gang linked to attack on London hospitals

Ascension hacked after employee downloaded malicious file