BleepingComputer reports that Idaho-based non-profit health provider Kootenai Health had information from more than 464,000 patients compromised following a ransomware attack earlier this year claimed by the 3AM ransomware gang.
After infiltrating Kootenai Health's IT systems on Feb. 22, the ransomware operation spent 10 days to facilitate the theft of patients' full names, birthdates, Social Security numbers, government ID numbers, and driver's licenses, as well as medical record numbers, diagnoses, treatment and condition information, and health insurance details, said the provider in a filing with the Office of the Maine Attorney General, which noted no evidence of any information misuse. Meanwhile, Kootenai Health's refusal to pay the demanded ransom has prompted the 3AM ransomware operation to leak a 22 GB archive containing the stolen information for free on its darknet portal. Such a development comes months after 3AM was noted by Intrinsec researchers to be associated with the Conti and Royal ransomware groups.