Unite Here Data Breach And Lurie Children’s Hospital Cyberattack

791,000 People Affected by UNITE HERE Data Breach

The labor Union, UNITE HERE, located in New York has 300,000 working individuals all over the United States and Canada. It recently filed a breach report to the HHS’ Office for Civil Rights that it experienced a data breach affecting the protected health information (PHI) of 791,273 persons. UNITE HERE stated unauthorized access to its systems was noticed on October 20, 2023, and third-party cybersecurity professionals investigated the occurrence to find out the nature and extent of the data breach. The scope of the sensitive data access or theft can’t be confirmed, thus it was determined to alert all people whose data was included in the breached system during the breach .

The compromised data included the sensitive records of members of selected local unions and health finances and involved names, state identification numbers, Social Security numbers, driver’s licenses, alien registration numbers, passport numbers, tribal ID numbers, birth certificates, birth dates, signatures, marriage licenses financial account details, and clinical data.

UNITE HERE mentioned passwords were instantly reset upon knowledge of the security breach, and additional security measures had been applied. Persons who get a notification letter regarding the breach were instructed to be wary of identity theft and fraud and were given free credit monitoring and identity theft protection services via IDX.

Lurie Children’s Hospital’s EHR Systems is Back Online After One Month

Ann & Robert H. Lurie Children’s Hospital based in Chicago suffered a ransomware attack that resulted in the breakdown of its telephone, medical record, and email systems. Lurie Children’s Hospital, which manages over 220,000 patients per year, discovered a systems breach on January 31, 2024, and has stated that a recognized threat actor acquired access to its systems but didn’t mention if it was a ransomware attack. The extent of the data breach has not yet been reported.

Rhysida ransomware group is the identified threat actor. It is a comparatively new ransomware-as-a-service operation as of May 2023. The group primarily attacks establishments in the government, manufacturing and education; nonetheless, many attacks were executed on healthcare providers which include Prospect Medical Holdings And Singing River Health System. The group is not regarded as a big player in the ransomware sector although it is a well-organized group that did no less than 74 attacks in 2023 – about 2% of all ransomware attacks worldwide, and in 2023 was behind 4% of cyberattacks on the healthcare industry.

Rhysida practices double extortion, where sensitive records are stolen from the victim’s system before file encryption, and requires payments to get the keys to decrypt information and avert the exposure or sale of the stolen files. At the end of February, the group stated on its data leak website the theft of 600 GB of data from Lurie Children’s Hospital, which will be available for sale. The exclusive selling price for the stolen files is 60 bitcoin or approximately $3.4 million. It seems that Lurie Children’s Hospital declined to pay the ransom since Rhysida said the data was already purchased. Lurie Children’s Hospital has mentioned that it knows the group’s statements but did not say any points concerning the attack and stated it is still looking into the incident and is working tightly with authorities and security professionals.

Being an academic medical center, Lurie Children’s Hospital’s systems are very complicated and, therefore, the recovery procedure is taking more time. It is working directly with internal and external specialists to fully recover its systems, which involves validating and assessing every system before putting them back on the Internet. Lurie Children’s Hospital mentioned it has teams working 24 / 7 to bring back its systems. Its electronic health record system was restored as well as other important systems; though, the MyChart patient portal is still not online. Patients use the MyChart portal to check their health information, book consultations, communicate with physicians, ask for prescription refills, acquire cost quotations for services, and pay charges.

Lurie Children’s Hospital knows that this system breakdown has caused privacy issues for patient families and community suppliers. The hospital is working hard to take care of this problem as fast and appropriately as possible.

Link copied to clipboard
Photo of author

Posted by

John Blacksmith

John Blacksmith is a journalist with several years experience in both print and online publications. John has specialised in Information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism.