Rhysida ransomware group adds two new victims in the healthcare sector – Bayhealth and Community Care Alliance – threatening to sell the stolen data.
The first victim is Delaware-based Bayhealth, a not-for-profit healthcare system, and the second victim is Rhode Island-based Community Care Alliance, which offers programs for individuals dealing with mental illness, addiction, housing issues and trauma-related issues.
Rhysida claims to have stolen the personal information of Bayhealth patients, demanding a 25 bitcoin payment, or about $1.5 million.
With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data. We sell only to one hand, no reselling, you will be the only owner!.
As per the Bayhealth statement, On Aug. 7, we were made aware that a third party claimed to have taken and posted Bayhealth data. We will continue to keep stakeholders informed as appropriate as the situation develops,
Upon discovery, Bayhealth took proactive measures to mitigate potential risks, including disconnecting from specific external systems. This action led to temporary interruptions in access to a limited number of systems.
An investigation has been launched with a third-party forensic firm to determine the incident’s nature and scope. Bayhealth did not comment to ISMG on whether Rhysida was behind the attack.
Rhysida’s dark website listing for Community Care Alliance, the cybercriminal group claims to have stolen a SQL database with more than 2.5 terabytes of data containing personal information including addresses, Social Security numbers, phone numbers and credit card numbers. Community Care Alliance declined to comment on Rhysida’s claims.
Rhysida’s ransomware operations date back to at least June of 2023, first observed victims posted to the group’s data leak site. When compared to other ransomware groups since the start of 2024, Rhysida is notable but not the most prolific offender in terms of number of victims.
