During the Labor Day weekend, Oakbend Medical Center based in Richmond, TX, encountered a ransomware attack, which began on September 1, 2022, resulting in the encryption of files in its network. The IT team of the medical center had to take all systems down to control the attack. The medical center run with lockdown measures as the Federal Bureau of Investigation (FBI), the Fort Bend County Government Cyberteam, and the Cyber-Defense Campus (CYD) investigated the attack.
The internal IT staff made certain that all systems affecting patients were made secure, and cybersecurity specialists from Dell, Microsoft, and Malware Protects investigated the attack and evaluated the safety of its network. As soon as those systems were cleaned, work started on systems restoration in a controlled and organized way. Disruption will still be experienced, and temporary communication problems for patients, vendors, physicians, and administrators may still arise; nevertheless, patient safety was not put at risk and the medical center did not stop operations.
In September 9, 2022, Oakbend Medical Center told in its update that the restoration process is continuing. The phone and email systems still have problems, however, it is working to deal with those problems immediately. Oakbend Medical Center didn’t state if files that contain patient information were extracted from its network. However, the Daixin Team ransomware group behind the attack posted on its data leak website that it stole files before encryption and claimed the stolen files included patient data like names, Social Security numbers, birth dates, patient account numbers, medical record numbers, and medical and treatment details. A number of the stolen information were published to the data leak website of Daixin Team. The group sent a threat to publicize all the stolen files that contain the protected health information (PHI) of over 1 million individuals. It seems that the medical center has not paid the ransom yet and there’s no longer conversation between the medical center and Daixin Team.
Daixin Team is a fairly new ransomware group that is identified to attack healthcare providers. In June 2022, the group attacked Fitzgibbon Hospital based in Missouri and posted the stolen files containing sensitive patient information.