A Kentucky-based hospital chain is notifying millions of individuals that their information was potentially exfiltrated in an attack detected seven months ago. Russian-speaking ransomware-as-a-service group Alphv/BlackCat – which is currently reportedly undergoing its own operational disruptions – allegedly took credit in May for the data theft.
Norton Healthcare, a nonprofit healthcare system that operates eight hospitals in Kentucky and Indiana, said in a breach report to the Maine attorney general’s office on Friday that it did not pay a ransom.