Memorial Health System is attacked by Hive Ransomware Operators

Hive ransomware operators have attacked the Memorial Health System and encrypted their system forcing the employees to move back to the traditional paper charts work routine. The incident was identified by the IT team on Sunday morning when the network started behaving weirdly.

The Memorial Health System is composed of three hospitals in Ohio and West Virginia and is managed by volunteers from the community with a headcount of around 3000 staff in total.

Impact of the Hive ransomware attack

The incident has caused massive hindrance to normal operations of the hospital affecting the clinical cases including surgeries and radiology examinations. as the schedule for Monday was cancelled. The Memorial Health System has issued a press release addressing the issue to notify its stakeholders and the community about the attack.

 “Maintaining the safety and security of our patients and their care is our top priority and we are doing everything possible to minimize disruption,” says Memorial Health System president and CEO Scott Cantley, “Staff at our hospitals- Marietta Memorial, Selby, and Sistersville General Hospital – are working with paper charts while systems are restored, and data recovered.” 

Scott Cantley, President and CEO of Memorial Health System mentioned that the employee and patient data are safe and the investigation is in process to understand the details of the attack. However, it is possible that the attackers might have stolen more than 200,000 patient records including social security numbers, names, dates of birth and other sensitive details. The Hive ransomware was first discovered by dnwls0719 in June, and has been very active since then affecting multiple victims already.

 “At this time no known patient or employee personal or financial information has been compromised,” he said. “We are continuing to work with IT security experts to methodically investigate to precisely understand what happened and are taking the appropriate actions to resolve any and all issues.” 

More on the HiveLeaks

Hive has a leaks site where they have hosted all the encrypted and stolen records called HiveLeaks. Hive used to target SMB’s for their action and that is what could be confirmed based on the data available on HiveLeaks. And one such victim is Altus Group, software and data solution for real estate industry.

Subscribe to our newsletter for daily alerts on cyber events,-+ you can also follow us on Facebook, Linkedin, Instagram, Twitter and Reddit.