Valley Health System
Valley Health System experienced a ransomware attack.
VHS provides primary and preventative care to approximately 75,000 patients each year in southern West Virginia, southeastern Ohio, and eastern Kentucky, operating more than 40 healthcare facilities.
The attack had disrupted access to some VHS computer systems.
The Sodinokibi (“REvil”) threat actors had identified VHS on their leak site and said to publish data such as private data, information about clients and employees, and confidential information if not contacted.
REvil provided some screenshots and files as proof of access.
One screenshot showed a Reports directory consisting of a list of folders where each folder name was a patient’s name. Another screenshot showed a patient record involving prescription opioid management.
"id": "VAL05725123",
"linkid": "valley-health-system_2",
"type": "Ransomware",
"date": "08/2020",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"