Date: 2024-10-18

Infamous ransomware group BianLian has claimed responsibility for a cyberattack which recently targeted Boston Children's Health Physicians (BCHP).

It’s not yet clear how much the ransom demand is, or what deadline the group has set. The BCHP confirmed on September 6 it identified unusual activity and by the 10th, systems had been shut down due to unauthorized access detected within the network.

The compromised information is said to contain patient, employee, and guarantor information, including social security numbers, medical record numbers, health insurance, and billing information, as well as personally identifiable data like full names and dates of birth.

BianLian crosses the line

The threat actor claims to have an unspecified amount of finance and HR data, as well as the health records, insurance details, and email correspondence relating to children treated by the organization.

Healthcare organizations have never been off-limits for cyberattacks and have become one of the most popular targets for ransomware due to the sensitive nature of the data they hold and the high stakes of their operations.

Whilst hospitals are not off-limits, targeting an organization that exclusively deals with children is pretty rare, as most ransomware groups would consider that particularly morally egregious.

In fact, last year infamous group LockBit issued a formal apology for targeting a children’s hospital in Canada, admitting the attack violated its rules of engagement. After the incident, the group said in a statement that it removed the affiliate and blocked them from the group.


LockBit gave back the decryptor for free and affirmed that it forbids affiliates from encrypting endpoints whose operations are crucial to saving patients’ lives.

Via BleepingComputer