LockBit 3.0 Strikes Malama I Ke Ola Health Center

Incident Date: Jun 07, 2024

Attack Overview

VICTIM

Malama I Ke Ola Health Center

INDUSTRY

Hospitals & Physicians Clinics

LOCATION

USA

ATTACKER

Lockbit

FIRST REPORTED

June 7, 2024

Request Removal

LockBit 3.0 Ransomware Attack on Malama I Ke Ola Health Center

Overview of Malama I Ke Ola Health Center

Situated in Wailuku, Maui, Hawaii, Malama I Ke Ola Health Center is a comprehensive primary care clinic serving nearly 12,000 patients. The center offers integrated health services focusing on physical, mental, and behavioral health. Their family-centered approach includes care for newborns, children, adolescents, and young adults up to 26 years of age. The health center also provides OB/GYN and dental services, and their street medicine team delivers care to homeless and marginalized populations.

Details of the Ransomware Attack

In early June 2024, the LockBit 3.0 ransomware group executed an attack on Malama I Ke Ola Health Center, causing significant operational disruptions. The health center abruptly closed due to IT issues and remained shut for over two weeks, recently reopening with limited services and resorting to paper charting. Patients were initially informed of the closure via text on May 7th, followed by multiple extensions, causing considerable stress for both patients and staff. Concerns have arisen regarding the challenges of reverting to paper records and the potential backlog once systems are restored. Despite fears of data breaches, there has been no confirmation of any breach of confidentiality.

About LockBit 3.0 Ransomware Group

LockBit 3.0, also known as LockBit Black, is an advanced variant of the LockBit ransomware group, emerging in 2022. It operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks. LockBit 3.0 is known for its enhanced infection capacities and customization options, making it one of the most dangerous and disruptive ransomware threats. The group has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally.

Potential Vulnerabilities and Penetration

The attack on Malama I Ke Ola Health Center coincided with the center's planned transition to a new electronic health record system starting April 20th, leading to speculation about its role in the IT issues. The health center's reliance on digital systems for comprehensive care made it a prime target for ransomware attacks. LockBit 3.0's ability to move laterally through a network and delete traces of itself likely facilitated the penetration and subsequent disruption of the health center's operations.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.