Consulate Health Care (CHC), a chain of service providers suffered a ransomware attack by the Hive ransomware gang.
The ransomware group claimed to acquire documents like contracts, NDA and other agreements documents – company's private info (budgets, plans, evaluations, revenue cycle, investors relations, company structure, etc.) – employees' info (social security numbers, emails, addresses, phone numbers, photos, insurances info, payments, etc.) – customers info (medical records, credit cards, emails, social security numbers, phone numbers, insurances, etc.
The threat actors decided to leak CHC data because CHC had ended negotiations after several weeks.
Source: https://www.databreaches.net/consulate-health-care-chain-hit-by-hive/
TPRM report: https://scoringcyber.rankiteo.com/company/consulate-management-company
"id": "con21489123",
"linkid": "consulate-management-company",
"type": "Ransomware",
"date": "01/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Consulate Health Care',
'type': 'Healthcare service provider'}],
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Contracts',
'NDA and other agreements',
"Company's private info "
'(budgets, plans, evaluations, '
'revenue cycle, investors '
'relations, company structure, '
'etc.)',
"Employees' info (social "
'security numbers, emails, '
'addresses, phone numbers, '
'photos, insurances info, '
'payments, etc.)',
'Customers info (medical '
'records, credit cards, emails, '
'social security numbers, phone '
'numbers, insurances, etc.)']},
'description': 'Consulate Health Care (CHC), a chain of service providers, '
'suffered a ransomware attack by the Hive ransomware gang. The '
'ransomware group claimed to acquire documents like contracts, '
"NDA and other agreements documents – company's private info "
'(budgets, plans, evaluations, revenue cycle, investors '
"relations, company structure, etc.) – employees' info (social "
'security numbers, emails, addresses, phone numbers, photos, '
'insurances info, payments, etc.) – customers info (medical '
'records, credit cards, emails, social security numbers, phone '
'numbers, insurances, etc.). The threat actors decided to leak '
'CHC data because CHC had ended negotiations after several '
'weeks.',
'impact': {'data_compromised': ['Contracts',
'NDA and other agreements',
"Company's private info (budgets, plans, "
'evaluations, revenue cycle, investors '
'relations, company structure, etc.)',
"Employees' info (social security numbers, "
'emails, addresses, phone numbers, photos, '
'insurances info, payments, etc.)',
'Customers info (medical records, credit '
'cards, emails, social security numbers, '
'phone numbers, insurances, etc.)'],
'identity_theft_risk': 'High',
'payment_information_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'No'},
'motivation': 'Financial gain',
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Hive'},
'threat_actor': 'Hive ransomware gang',
'title': 'Consulate Health Care Ransomware Attack',
'type': 'Ransomware'}