cyber Ransomware

Tift Regional Health System

May 11, 2023 1 min read
Tift Regional Health System

Tift Regional Medical Center in Georgia fell victim to a ransomware attack in July 2022 after the Hive group gained access to your network through Citrix.

The Hive ransomware group accessed information like company private info (budgets, plans, taxes, contracts, NDA, other agreements, etc), medical records (patient name, address, gender, SSN, insurance, diagnosis included), employee private info (payrolls, contracts, NDA, SSN, salaries, addresses, passports, etc), emails between your companies and patients/partners.

The group put the negotiable amount to $1,150,000.00 to delete and not publish the stolen information and data.

Source: https://www.databreaches.net/scoop-tift-regional-medical-center-victim-of-ransom-attack-in-july/

TPRM report: https://scoringcyber.rankiteo.com/company/tift-regional-medical-center

"id": "tif23651222",
"linkid": "tift-regional-medical-center",
"type": "Ransomware",
"date": "07/2022",
"severity": "85",
"impact": "",
"explanation": "Attack with significant impact with internal employee and customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'Georgia',
                        'name': 'Tift Regional Medical Center',
                        'type': 'Healthcare'}],
 'attack_vector': 'Citrix',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Company private info',
                                              'Medical records',
                                              'Employee private info',
                                              'Emails']},
 'date_detected': 'July 2022',
 'description': 'Tift Regional Medical Center in Georgia fell victim to a '
                'ransomware attack in July 2022 after the Hive group gained '
                'access to your network through Citrix.',
 'impact': {'data_compromised': ['Company private info (budgets, plans, taxes, '
                                 'contracts, NDA, other agreements, etc)',
                                 'Medical records (patient name, address, '
                                 'gender, SSN, insurance, diagnosis included)',
                                 'Employee private info (payrolls, contracts, '
                                 'NDA, SSN, salaries, addresses, passports, '
                                 'etc)',
                                 'Emails between companies and '
                                 'patients/partners']},
 'initial_access_broker': {'entry_point': 'Citrix'},
 'motivation': 'Financial',
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': '$1,150,000.00',
                'ransomware_strain': 'Hive'},
 'threat_actor': 'Hive ransomware group',
 'title': 'Ransomware Attack on Tift Regional Medical Center',
 'type': 'Ransomware'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.