Ransomware Attack Hits New Jersey Oral & Maxillofacial Surgery Associates

Incident Date: Jun 12, 2024

Attack Overview

VICTIM

New Jersey Oral & Maxillofacial Surgery Associates

INDUSTRY

Hospitals & Physicians Clinics

LOCATION

USA

ATTACKER

Clop

FIRST REPORTED

June 12, 2024

Request Removal

Ransomware Attack on New Jersey Oral & Maxillofacial Surgery Associates

Overview of the Victim

New Jersey Oral & Maxillofacial Surgery Associates, a specialized medical practice, has been serving Northern New Jersey for over 37 years. The practice, led by board-certified surgeons, focuses on the diagnosis and treatment of conditions related to the mouth, jaw, face, and neck. They offer services such as tooth extractions, facial trauma treatment, corrective jaw surgery, dental implant surgery, and cosmetic procedures. The practice operates in both outpatient and hospital settings, with offices in Hackensack, Ridgefield, and North Bergen, NJ.

Details of the Attack

On June 12, 2024, the ransomware group Clop claimed responsibility for an attack on New Jersey Oral & Maxillofacial Surgery Associates. The attack was disclosed on Clop's dark web leak site, with the size of the data breach remaining unknown. This incident follows a warning from the FBI on May 8, 2024, about credible cybersecurity threats targeting dental practices, particularly oral and maxillofacial surgeons.

About the Clop Ransomware Group

Clop is a sophisticated and financially motivated ransomware group active since early 2019. Associated with the TA505 threat group, Clop operates on a ransomware-as-a-service model. The group targets large enterprises across various sectors, including healthcare. Clop employs advanced techniques to evade security controls and has been known to exploit vulnerabilities in software like Accellion FTA and MOVEit Transfer. They use a data leak site on the Tor network to release stolen data from non-compliant victims.

Potential Vulnerabilities

New Jersey Oral & Maxillofacial Surgery Associates, like many healthcare providers, may have vulnerabilities that make them attractive targets for ransomware groups. These can include outdated software, insufficient cybersecurity measures, and a lack of awareness about emerging threats. The practice's extensive referral network and reliance on digital records could also increase their risk profile.

Penetration Methods

Clop likely penetrated the company's systems through phishing emails, malicious attachments, or exploiting known software vulnerabilities. The group's use of advanced tools like Cobalt Strike and remote access trojans further complicates detection and mitigation efforts.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.