Children’s hospital ransomware attack impacts nearly 800,000 individuals

Ann & Robert H. Lurie Children’s Hospital of Chicago (“Lurie Children’s”) experienced a ransomware attack, affecting 791,784 individuals and potentially exposing the following personal information: 

• Full name
• Home address
• Email address 
• Telephone number
• Date of birth
• Date(s) of service
• Driver’s license number
• Health claims information (including health plan and health plan beneficiary number)
• Medical conditions, diagnoses or treatments 
• Medical record number
• Prescription information
• Social Security number

“This incident demonstrates the significant impact of a ransomware attack, resulting in the theft of sensitive information that could affect individuals for years to come,” remarked Erich Kron, Security Awareness Advocate at KnowBe4. “Preventing such attacks requires employee training on identifying and reporting phishing attempts, as well as implementing data leakage prevention controls to prevent unauthorized data exfiltration.”

The Rhysida ransomware group has claimed responsibility for the attack, accessing the hospital’s systems between January 26 and 31, 2024. 

Kron added, “The Rhysida ransomware group is known for utilizing email phishing and cobalt strike tactics to infiltrate networks. Educating employees on recognizing social engineering attacks is crucial in combating ransomware threats worldwide.”

Lurie Children’s is currently in the process of notifying affected individuals and advises all patients to monitor their accounts for any unusual activity.