SecurityWeek reports that Ohio-based nursing home Carespring Health Management had information from 76,719 individuals exfiltrated following a cyberattack last October.
Individuals' names, birthdates, Social Security numbers, addresses, and health insurance details, as well as medical and diagnosis data, have been compromised by threat actors who infiltrated Carespring's network between Oct. 12 and Oct. 30, said Carespring, which only determined the breach last month, in notification letters that were also provided to the Maine Attorney General's Office. Additional information regarding the specifics of the incident, which is still under investigation, was not provided by Carespring but the nursing home had been listed across numerous ransomware operations' leak sites since the intrusion. After being claimed to be compromised by the NoEscape ransomware operation, which purportedly stole 364 GB of data from the facility, in November, Carespring has since been added to the sites of Hunters International and LockBit ransomware gangs in February and May, respectively.
