{"id":21466,"date":"2023-03-13T16:10:37","date_gmt":"2023-03-14T00:10:37","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2023\/03\/13\/news-15197\/"},"modified":"2023-03-13T16:10:37","modified_gmt":"2023-03-14T00:10:37","slug":"news-15197","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/03\/13\/news-15197\/","title":{"rendered":"Breast cancer photos published by ransomware gang"},"content":{"rendered":"<p>The Russia-linked ALPHV ransomware group, also known as <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2022\/06\/alphv-aims-to-shock-victim-with-dedicated-leak-site-for-its-employees-and-customers\">BlackCat<\/a>, has posted sensitive clinical photos of breast cancer patients&mdash;calling them &#8220;nude photos&#8221;&mdash;to extort money from the Lehigh Valley Health Network (LVHN).<\/p>\n<p>This has triggered a chorus of accusations from the cybersecurity community, with some labeling the group as &#8220;<a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/Maxwsmeets\/status\/1632654116320075776\" target=\"_blank\">barbarians<\/a>&#8221; and others saying the group is&nbsp;&#8220;<a rel=\"noreferrer noopener\" href=\"https:\/\/twitter.com\/vxunderground\/status\/1632465659417206786\" target=\"_blank\">exploiting and sexualizing breast cancer<\/a>&#8220;.<\/p>\n<p style=\"text-align: center;\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/easset_upload_file16806_260956_e.png\" alt=\"\" width=\"756\" height=\"717\" style=\"display: block; margin-left: auto; margin-right: auto;\" \/>The leak page for data stolen from the Lehigh Valley Health Network. Apart from the clinical photos, ALPHV also leaked sensitive, personally identifiable information on passports and questionnaires.<\/p>\n<p>&#8220;This unconscionable criminal act takes advantage of patients receiving cancer treatment, and LVHN condemns this despicable behavior,&#8221; LVHN spokesman Brian Downs said,&nbsp;<em>Lehigh Valley News<\/em>&nbsp;<a rel=\"noreferrer noopener\" href=\"https:\/\/www.lehighvalleynews.com\/health-news\/2023-03-07\/hackers-posted-photos-of-lvhn-cancer-patients-receiving-treatment-hospital-says\" target=\"_blank\">reported<\/a>.<\/p>\n<p>LVHN <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/02\/lehigh-valley-health-network-targeted-by-blackcat-ransomware\">had previously said<\/a>&nbsp;it fell&nbsp;victim to a BlackCat ransomware attack on February 20. The Network initially detected an intrusion within its IT systems on February 6&nbsp;and said that initial analysis showed the attack was on a network supporting one physician practice located in Lackawanna County.<\/p>\n<p>The&nbsp;ransom amount has <a href=\"https:\/\/news.yahoo.com\/lehigh-valley-health-network-hit-200300251.html\" target=\"_blank\">never<\/a>&nbsp;been made&nbsp;public,&nbsp;but we know that the Network decided&nbsp;not to pay ALPHV anyway. Lehigh&#8217;s website has remained offline since the attack.<\/p>\n<h2>How to avoid ransomware<\/h2>\n<ul>\n<li><strong>Block common forms of entry<\/strong>. Create a plan for <a href=\"https:\/\/www.malwarebytes.com\/business\/vulnerability-patch-management\">patching vulnerabilities<\/a> in internet-facing systems quickly; disable or <a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2022\/03\/blunting-rdp-brute-force-attacks-with-rate-limiting\">harden remote access<\/a> like RDP and VPNs; use <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">endpoint security software<\/a> that can detect exploits and malware used to deliver ransomware.<\/li>\n<li><strong>Detect intrusions<\/strong>. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">EDR<\/a> or <a href=\"https:\/\/www.malwarebytes.com\/business\/managed-detection-and-response\">MDR<\/a> to detect unusual activity before an attack occurs.<\/li>\n<li><strong>Stop malicious encryption<\/strong>. Deploy Endpoint Detection and Response software like <a href=\"https:\/\/www.malwarebytes.com\/business\/edr\">Malwarebytes EDR<\/a> that uses multiple different detection techniques to identify ransomware.<\/li>\n<li><strong>Create offsite, offline backups<\/strong>. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.<\/li>\n<li><strong>Write an incident response plan<\/strong>. The period after a ransomware attack can be chaotic. Make a plan that outlines how you&#8217;ll isolate an outbreak, communicate with stakeholders, and restore your systems.<\/li>\n<\/ul>\n<hr \/>\n<p dir=\"ltr\">Have a question or want to learn more about our cyberprotection? Get a free business trial below.<\/p>\n<p style=\"text-align: center;\"><span class=\"blue-cta-bttn\" style=\"background-color: #0d3ecc; line-height: 50px; padding: 0 20px;\"><a style=\"color: #fff;\" href=\"https:\/\/www.malwarebytes.com\/business\/contact-us\/\">GET STARTED<\/a><\/span><\/p>\n<p><a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/breast-cancer-photos-published-by-ransomware-gang\" target=\"bwo\" >https:\/\/blog.malwarebytes.com\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<table cellpadding=\"10\">\n<tr>\n<td valign=\"top\" align=\"left\">\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/news\" rel=\"category tag\">News<\/a><\/p>\n<p>Categories: <a href=\"https:\/\/www.malwarebytes.com\/blog\/category\/ransomware\" rel=\"category tag\">Ransomware<\/a><\/p>\n<p>Tags: ALPHV<\/p>\n<p>Tags:  BlackCat<\/p>\n<p>Tags:  Lehigh Valley Health Network<\/p>\n<p>Tags:  LVHN<\/p>\n<p>Russia-linked ransomware group ALPHV has leaked the data it stole from Lehigh Valley Health Network, including clinical photos of women undergoing breast cancer treatment.<\/p>\n<table width=\"100%\">\n<tr>\n<td align=\"right\">\n<p><b>(<a href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/breast-cancer-photos-published-by-ransomware-gang\" title=\"Breast cancer photos published by ransomware gang\">Read more&#8230;<\/a>)<\/b><\/p>\n<\/td>\n<\/tr>\n<\/table>\n<\/td>\n<\/tr>\n<\/table>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\/blog\/news\/2023\/03\/breast-cancer-photos-published-by-ransomware-gang\">Breast cancer photos published by ransomware gang<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.malwarebytes.com\">Malwarebytes Labs<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10488,10378],"tags":[26819,25303,28742,28743,32,3765],"class_list":["post-21466","post","type-post","status-publish","format-standard","hentry","category-malwarebytes","category-security","tag-alphv","tag-blackcat","tag-lehigh-valley-health-network","tag-lvhn","tag-news","tag-ransomware"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21466","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=21466"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/21466\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=21466"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=21466"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=21466"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}