Ann & Robert H. Lurie Children’s Hospital of Chicago is informing hundreds of thousands of individuals that their personal and health information has been compromised as a result of a ransomware attack.
The children’s hospital took many of its systems offline in late January in response to a cyberattack. The incident resulted in limited access to medical records, disruptions to a patient portal, and hampered communications.
An investigation revealed that cybercriminals had access to Lurie Children’s systems between January 26 and January 31, 2024.
A wide range of information was compromised, including name, address, date of birth, dates of service, driver’s license number, Social Security number, email address, phone number, health claims information, medical condition or diagnosis, medical record number, medical treatment, and prescription information.
The children’s hospital did not specifically say that it was targeted by a ransomware group, but it did say in a data breach notification on its website that it refused to pay a ransom.
“Experts have advised that making a payment to cybercriminals does not guarantee the deletion or retrieval of data that has been taken. Once our investigation team identified an amount of data that was impacted by the cybercriminals, we worked closely with law enforcement to retrieve that data,” Lurie Children’s said.
Indeed, the Rhysida ransomware group, which took credit for the attack on Lurie Children’s, has claimed on its website that the data stolen from the hospital has been sold, which indicates that a ransom has not been paid. The cybercriminals claim to have stolen 600 Gb of data from the organization.
A notice published by the Maine Attorney General’s office on Thursday reveals that the incident has affected more than 791,000 people.
Impacted individuals are being notified and offered 24 months of identity and fraud protection services at no cost.
Related: Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn
Related: Change Healthcare to Start Notifying Customers Who Had Data Exposed in Cyberattack
Related: CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw
Related: 900k Impacted by Data Breach at Mississippi Healthcare Provider