• About Us
  • Events
  • Newsletter Sign Up
  • Spotlight Series
  • Webinars
  • WhitePapers
  • Videos
  • Podcasts
    1. Cybersecurity
    2. Data Breaches

    Hive Ransomware Group Hits the Partnership HealthPlan of California

    March 31, 2022
    The Hive Ransomware group, which was first observed in June of 2021 and known to target healthcare organizations, has stolen 850,000 PII records from the Partnership HealthPlan of California
    Dreamstime Xxl 133846465 6245d08973da9

    According to a March 29 article from VentureBeat by Kyle Alspach, the Hive Ransomware group posted on its dark website that it has stolen 850,000 personally identified information (PII) records from the Partnership HealthPlan of California.

    The Hive Ransomware group was first observed in June of 2021 and on Sept. 3, 2021 we reported that the FBI had released an alert about the malicious Hive ransomware, the same group that took down Memorial Health System on Aug. 15.

    “The alert says that ‘Hive ransomware, which was first observed in June 2021 and likely operates as an affiliate-based ransomware, employs a wide variety of tactics, techniques, and procedures (TTPs), creating significant challenges for defense and mitigation,’ we reported. ‘Hive ransomware uses multiple mechanisms to compromise business networks, including phishing emails with malicious attachments to gain access and Remote Desktop Protocol (RDP) to move laterally once on the network.’”

    Further, “’After compromising a victim network, Hive ransomware actors exfiltrate data and encrypt files on the network. The actors leave a ransom note in each affected directory within a victim’s system, which provides instructions on how to purchase the decryption software. The ransom note also threatens to leak exfiltrated victim data on the Tor site, ‘HiveLeaks.’”

    The Partnership HealthPlan of California’s website is “temporarily unavailable” and has the following statement on its landing page:

    “Partnership HealthPlan of California recently became aware of anomalous activity on certain computer systems within its network. We are working diligently with third-party forensic specialists to investigate this disruption, safely restore full functionality to affected systems, and determine whether any information may have been potentially accessible as a result of the situation. Should our investigation determine that any information was potentially accessible, we will notify affected parties according to regulatory guidelines. We appreciate your patience and understanding and apologize for any inconvenience.”

    Alspach reports that “The Hive ransomware group posted its claim about the stolen Partnership HealthPlan of California data on Tuesday [March 29, 2022]. The data includes 850,000 unique PII records, such as name, social security number and address, according to the group. The stolen data also includes 400 GB of stolen files from the organization’s server, Hive claimed.”

    Continue Reading

    Sponsored Recommendations

    10 Reasons to Run Epic on Pure

    Gain efficiency & add productivity to your Epic data center. Download now to learn more!

    Payer Platform Services and Support

    Let’s leverage Payer Platform for smooth, seamless operations.When tasks are important and need to be done right, you trust the experts. The same is true for your...

    Pure Powers Progressive Payers

    Increase your business agility with Pure’s digital payer platform.Legacy storage solutions cannot keep up with the ever-expanding initiatives in the payer market. To deploy...

    Executive Handbook: Ten Transformative Trends 2024

    The editors of Healthcare Innovation have published their annual Ten Transformative Trends ensemble of articles