UPDATED 20:15 EDT / JULY 08 2024

SECURITY

RansomHub publishes stolen Florida Health Department data after ransom deadline passes

Ransomware gang RansomHub has released up to 100 gigabytes of files stolen from the Florida Department of Health after the department declined to pay a ransom payment following a ransomware attack last week.

The ransomware attack, described by Governor Ron DeSantis as a “cyber incident,” struck the department on July 2 and caused disruptions to vital services, including the recording of births, deaths, divorces, marriages and apostilles. According to local media, the attack particularly disrupted service at funeral homes, with providers forced to revert to manually completing death certificates by hand.

RansomHub reportedly gave the health department only until last Friday to pay a ransom before starting to publish the stolen data. Under Florida law, government entities cannot pay ransom payments, so the deadline was missed and data was published.

While the amount of data said to have been stolen accounted for 100 gigabytes, it’s not confirmed that this is the amount of data actually published by Ransomhub. What has been confirmed, at least by Databreaches.net, is that the data shared included large sums of personally identifiable information and protected health information.

The published stolen data includes logs of chest X-ray scheduling for 2023 and the first half of 2024, with thousands of entries containing names, dates of birth, appointment details and result dates. Workers’ compensation records provided extensive details on employees’ accidents, injuries, treatment history and personal demographics.

Additional documents included scanned passport images, prescriptions for named patients and completed applications for Florida’s Healthy Start Program with parents’ demographic details. Other records included mammography screening results, family planning forms, dental service referrals and personal correspondence, all of which are said to contain various personal and medical information.

“Breaches such as this one by RansomHub… is another persistent reminder of the vulnerability within the public sector,” Carol Volk, an executive at ransomware protection company Bullwall A/S, told SiliconANGLE. “The disruption of the Vital Statistics system, crucial for issuing birth and death certificates, highlights not only the operational impact but also the personal ramifications for residents.”

The incident underscores the urgency for improved cybersecurity measures, Volk added. “Knowing that this trend will continue, we need to be adding measures such as multi-factor authentication, encryption and ransomware containment to ensure we have protective layers against data access and exfiltration once the attackers are in-system,” she said.

Image: SiliconANGLE/GPT-4o

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU