Ransomware Attack on Alpha Care Medical Group by Qilin

On November 21, 2024, Alpha Care Medical Group, an Independent Physicians Association (IPA) based in California, became the latest victim of a ransomware attack by the notorious Qilin group.

About Alpha Care Medical Group

Established in 1993, Alpha Care Medical Group operates primarily in Riverside and San Bernardino counties, California. The organization is dedicated to providing high-quality healthcare services, focusing on Medi-Cal/Medicaid, Medicare, and Dual Eligible programs. With approximately 17 employees, Alpha Care is known for its commitment to community health, reinvesting resources into local charities and infrastructure improvements. Their extensive services include urgent care, laboratory, and radiology, catering to a wide range of healthcare needs.

Attack Overview

The ransomware attack orchestrated by Qilin resulted in an unspecified amount of data being leaked. The breach could potentially disrupt Alpha Care's operations, affecting their ability to provide essential healthcare services to the community.

About Qilin Ransomware Group

Qilin, also known as Agenda, is a Ransomware-as-a-Service (RaaS) group that emerged in July 2022. Known for its sophisticated ransomware tools, Qilin employs a double extortion strategy, encrypting data and threatening to leak it unless a ransom is paid. The group is particularly adept at targeting large enterprises, with healthcare accounting for about 7% of their attacks. Their ransomware, initially developed in Golang and later rewritten in Rust, is designed to target Windows, Linux, and VMware ESXi environments.

Sources

• Halcyon AI: Qilin - The Russian RaaS Group
• Bleeping Computer: Linux Version of Qilin Ransomware
• Alpha Care Medical Group: About Us