top of page
Abstract Background_edited_edited.jpg

Healthcare sector under active attack

Updated: May 6, 2023

On March 4, 2023, a ransomware gang known as BlackCat threatened to release patient data stolen from a healthcare provider if their demands were not met. This news has caused concern among healthcare providers, patients, and cyber security professionals, as the unauthorized release of sensitive medical information can have serious consequences.

Public announcement by ransomware group BlackCat to target organizations affiliated or working in the healthcare sector.

Ransomware attacks have become increasingly common in recent years, with cybercriminals targeting organizations of all sizes and industries. These attacks typically involve encrypting and exfiltrating data. Without access to the data, the organization is held hostage until the demanded ransom is paid. In many cases, the attackers threaten to release the data if their demands are not met within a few days. Sadly, even paying the ransom does not guarantee that the cybercriminals will share the decryption key to access the data. Furthermore, some ransomware gangs still release the stolen data, even if the ransom was paid.

In the case of BlackCat, they have publicly announced that their targets are companies in the healthcare sector. This is particularly alarming given the sensitive nature of medical information, including personal details, treatment information, insurance details, medical histories, and other sensitive data. They even went so far as to display screenshots of stolen patient data on their dark web leak site.

The potential consequences of a data breach are significant. Patients' personal and medical information can be used for identity theft, fraud, and other nefarious purposes. Moreover, the loss of trust resulting from a data breach can have a long-lasting impact on a healthcare provider's reputation and bottom line.

Implementing robust cybersecurity measures is crucial to prevent these types of attacks. This includes regular data backups, employee training on phishing and other security threats, and the use of advanced security software.

In addition, patients themselves can take steps to protect their data. This includes being vigilant about sharing personal information, monitoring credit reports for suspicious activity, and reporting any suspected data breaches to the relevant authorities.

We will continue to monitor this situation and provide updates as they become available. In the meantime, we urge all organizations in the healthcare sector and patients to remain vigilant and take the necessary precautions to protect their data.

By utilizing proactive measures and deliberately taking care of implementing reasonable cyber risk mitigation efforts, you contribute significantly to protecting sensitive information.

Proactive Discovery has made it its mission to put a cyber security resource in your corner so you can focus on your business. Proactive Discovery provides a fully managed cyber risk mitigation service that operates on a 24x7x365 monitor and response model. Our team of cyber security professionals is focused on preventing, detecting, and removing cyber threats. Before now, this level of cyber risk mitigation was only available to large corporations with big security budgets and departments. We are now making the same enterprise-level cyber risk mitigation capabilities a reality for boutique firms and small businesses.

We're all vulnerable to cyber-attacks.

Start your cyber risk mitigation journey by scheduling a free consultation at or visit our fully-managed RESOLUTE cyber risk mitigation service page for more details.

Stay safe and secure out there!



RESOLUTE is a fully-managed cyber risk mitigation service that helps boutique and SMB (small to medium-size business) organizations protect, mitigate, and prepare against constantly evolving cyber threats.

bottom of page