Hive Ransomware Takes Down IT Systems of Partnership Health Plan of California

  • By Patrick Ryan
  • Mar 31, 2022

Partnership Health Plan of California’s IT systems have been down for an extended period of time due to a Hive ransomware attack. The nonprofit managed care specialist has struggled to return its IT services for more than a week following the ransomware attack.

What has the Partnership Health Plan of California Stated About the Attack?

The Partnership Health Plan of California posted a message on its website indicating it has experienced technical difficulties. The notice posted to the nonprofit’s website stated there was a disruption to specific computer systems.  

The group’s member service line also contained a voice message stating that the nonprofit is experiencing technical difficulties and its systems are inoperable. Perhaps the most telling tidbit of information in this voice message is that the nonprofit does not have an expected timeline for repair.

How are Hive Ransomware Attacks Performed?

According to the FBI alert described below, the Hive ransomware attack relies on several unique mechanisms to violate targeted networks. The hackers’ mechanisms include malicious attachments on phishing emails that set the stage for accessing remote desktop protocols and lateral moves after breaching the network.  

Once the network is compromised, the ransomware steals information and encrypts files. A ransom note is deposited in the compromised directories within the target systems, providing instructions regarding how to buy the software necessary to decrypt the files.

What has the Nonprofit Done in Response to the Ransomware Hack?

The Press Democrat reports Partnership Health Plan of California began notifying regional healthcare clinics about the system outage about ten days ago. A statement posted on the nonprofit’s website notes the group is working with third-party digital forensics professionals to perform a deep dive into the cause of the disruption, gauge its impact on the group’s digital systems, and eventually restore those systems to functionality. However, this is the extent of information provided regarding the group’s response to the attack.

Has the Hive Hacking Collective Made a Statement?

Ransomware specialists who go by the name of “Hive” took to the dark web to leak data from the PHC hack. The data was encrypted on March 19 and publicized on the internet three days later. According to the HiveLeaks website, the data stolen from the nonprofit contains 400 gigs of information stolen from a file server.  

Hive ransomware attackers also stole 850,000 unique records of personally identifiable information. The information in question includes the social security numbers, dates of birth, home addresses, and names of the nonprofit’s customers.

Will PHC pay the Ransom?

At the time of this publication, PHC representatives have not indicated whether they will pay the requested ransom. However, it appears as though the nonprofit has not paid the ransom, as the statement posted on its website states the group cannot accept or process requests for treatment authorizations.  

It might take several weeks for the nonprofit to resume operations, meaning it looks like the ransom has not been paid. The company’s website notes TAR forms for medical treatments will be processed retroactively across the next two weeks. However, when pressed for more information, PHC did not provide additional comments about the details of the hack.

Why is Hive Ransomware Such a Problem?

Hive ransomware has quickly become one of the most feared forms of ransomware. The FBI issued a warning about Hive ransomware in the summer of 2021.

FBI digital security specialists indicate Hive ransomware attackers specifically zero in on the healthcare sector. Aside from PHC, Hive ransomware has also struck Memorial Health System, a hospital system in Marietta, Ohio.

About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “Alien ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank Breach Impacts More Than a Million Customers

Flagstar Bank is in the news for the wrong reason. The bank recently publicized the fact that it discovered a digital breach.

Weekly Recap June 24 2022

Weekly Recap June 24 2022

We are nearly halfway through 2022. News stories detailing hacks and other digital breaches continue to roll in on a daily basis.

Cybercrime Related to Travel Soars at the Year’s Halfway Point

Cybercrime Related to Travel Soars at the Year’s Halfway Point

There has been a significant spike in tourism following the gradual decline of the coronavirus pandemic.  The increase in travel has caught the attention of digital miscreants looking to scam tourists as well as travel services providers.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.