Fitzgibbon Hospital, Christiana Spine Center, and Diskriter Encounter Ransomware Attacks

On June 25, 2022, a representative of a threat group known as DAIXIN Team shared details with regards to a ransomware attack and information theft incident that occurred at Fitzgibbon Hospital located in Marshall, Missouri. Stolen data was published to a dark web resource site.

The published data consists of database tables taken from the MEDITECH database, and sensitive files that contain patient information taken from internal servers. 40GB of information was stolen during the attack and contained names, birth dates, Social Security numbers, patient account numbers, medical record numbers, and medical and treatment details.

DAIXIN Team seems to be a new ransomware gang. Additional information about the group and the ransomware attack was acquired by A shared chat log confirmed that a spokesperson for Fitzgibbon Hospital got in touch with DAIXIN Team to make a deal about the ransom payment, however, no payment was made thus far.

At this time, there is no breach notice posted on the Fitzgibbon Hospital web page, and there is no breach incident posted on the HHS’ Office for Civil Rights web portal, thus it is unknown how many persons were impacted. As of this writing, the leak site still has the stolen data available for download.

Christiana Spine Center Ransomware Attack

Christiana Spine Center based in Newark, DE has reported that it suffered a ransomware attack recently. The center discovered the attack on February 25, 2022, and took steps right away to control the attack. Forensic and cybersecurity professionals investigated the breach and confirmed the potential access to files containing names, addresses, telephone numbers, medical insurance ID numbers, personal health data, and Social Security numbers during the attack.

The analysis of the impacted files affirmed that approximately 3,500 patients were potentially affected. They received free memberships to a credit monitoring service for 12 months. Christiana Spine Center mentioned that no proof was discovered that suggests the theft or misuse of patient data.

Hive Ransomware Group Attack on Diskriter

The Hive ransomware gang made a statement claiming its ransomware attack on Diskriter. The Pittsburgh, PA-based company offers health information management, revenue cycle management, and transcription services. The group claims to have stolen 160GB of information before file encryption. The stolen files contained software source code, financial information, employee details, sensitive business information, login information such as passwords and usernames, and files with patient information.

The attack was apparently done on June 8, 2022, and encrypted files, including backup files. As of this time of writing, there is no ransom payment made yet. Some stolen information is posted on the data leak site of the Hive ransomware gang. Diskriter did not confirm the attack yet and it is uncertain how many individuals had their PHI exposed.

Twitter Facebook LinkedIn Reddit Copy link Link copied to clipboard
Photo of author

Posted by

Mark Wilson

Mark Wilson is a news reporter specializing in information technology cyber security. Mark has contributed to leading publications and spoken at international forums with a focus on cybersecurity threats and the importance of data privacy. Mark is a computer science graduate.