Meow Ransomware Hits PMR Center: 40GB of Sensitive Data Stolen
Ransomware Attack on The Physical Medicine Rehabilitation Center by Meow Ransomware Group
Overview of the Victim
The Physical Medicine Rehabilitation Center (PMR Center) is a specialized healthcare facility established in 1986, focusing on diagnosing and treating various musculoskeletal and neurological conditions. The center operates five state-of-the-art locations across New Jersey and New York, employing a multidisciplinary team of physiatrists, physical therapists, occupational therapists, and other healthcare professionals. The PMR Center is renowned for its non-operative treatment options, including physical therapy, occupational therapy, and patient education, aimed at enhancing the quality of life for patients suffering from pain and disability due to sports injuries, spine issues, orthopedic problems, and neuromuscular conditions.
Details of the Attack
The PMR Center has recently fallen victim to a ransomware attack orchestrated by the Meow Ransomware group. The attackers claim to have accessed 40GB of sensitive data, including patient records, medical histories, doctor notes, and employee information. This breach poses significant risks to patient privacy and the overall security of the center's operations. The attack was publicized on Meow's dark web leak site, indicating that the stolen data could be exposed if the ransom demands are not met.
About Meow Ransomware Group
Meow Ransomware is a notorious group that emerged in late 2022 and has been particularly active in 2024. They are associated with the Conti v2 ransomware variant and primarily target organizations in the United States. The group employs various infection methods, including phishing emails, exploit kits, Remote Desktop Protocol (RDP) vulnerabilities, and malvertising. Once a system is compromised, the ransomware encrypts files using a combination of the ChaCha20 and RSA-4096 algorithms. Meow Ransomware is known for targeting industries with sensitive data, such as healthcare and medical research, and they often post victim data on their leak site if the ransom is not paid.
Vulnerabilities and Penetration Methods
The PMR Center, like many healthcare facilities, is a prime target for ransomware attacks due to the sensitive nature of the data they handle. The center's extensive use of digital records and interconnected systems may have made it vulnerable to exploitation through phishing emails or RDP vulnerabilities. The Meow Ransomware group likely leveraged these weaknesses to gain unauthorized access to the center's systems, encrypting critical files and demanding a ransom for their release.
Implications for the PMR Center
The ransomware attack on the PMR Center underscores the critical importance of robust cybersecurity measures in the healthcare sector. The breach not only threatens patient privacy but also disrupts the center's ability to provide essential medical services. As the PMR Center navigates the aftermath of this attack, it will need to address both the immediate security concerns and the long-term implications for patient trust and operational integrity.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!