Arkansas’s behavioral health system Arisa Health yesterday confirmed it notified thousands of people about a March 2024 data breach that compromised their names, Social Security numbers, medical record numbers, health insurance number or member ID, certification of substance abuse program completion, medical history and diagnoses, dates of birth, addresses, email addresses, and driver’s license numbers.
Arisa Health submitted a data breach report to the Texas Attorney General that states 1,434 Texans were impacted by the breach. The number of victims in Arisa’s home state of Arkansas is likely much higher, but hasn’t been disclosed yet. The breach took place between March 1 and March 18, 2024, according to Arisa’s notice.
Ransomware group Hunters International claimed responsibility for the attack in mid-April.
We don’t yet know whether Arisa Health paid a ransom, the ransom demand amount, or how attackers breached Arisa’s network. Comparitech contacted Arisa for comment and will update this article if it responds.
The notice states, “individuals whose Social Security numbers were contained in the impacted files have been offered complimentary credit monitoring.”
Who is Hunters International?
Hunters International first appeared in October 2023, and is rumored to be a spin-off of an earlier group called Hive. Hunters often extorts victims twice in one attack: it seeks one ransom for decrypting systems and another for deleting stolen data.
Comparitech has logged 30 confirmed attacks by Hunters in total, affecting 976,699 records since it began operations.
Ten of those attacks were on healthcare companies. Hunters International recently claimed a February data breach against Therapeutic Health Services in Washington state, plus a May 2024 attack on Northeast Rehabilitation Hospital Network.
Hunters claimed responsibility for a large-scale hack on Fred Hutchinson Cancer Center in November 2023, which affected 890,959 records. The group even contacted individual patients and demanded $50 in ransom to delete their data.
We further tracked 114 unconfirmed attacks claimed by Hunters since October 2023, three of which were on healthcare companies.
Ransomware attacks on US healthcare
Hospitals, clinics, and other healthcare-related organizations are frequent targets for ransomware attacks. In addition to data theft, ransomware can disrupt key systems used for payments, appointments, medical records, and more. Hospitals and clinics might be forced to cancel appointments and divert patients elsewhere, or resort to pen and paper until systems are restored.
Comparitech researchers have recorded 43 confirmed ransomware attacks on healthcare organizations in the US so far this year, affecting 5,376,911 records. The average ransom is about $915,000.
Another 93 such attacks have been claimed but not confirmed. Hunters International claims three of them.
About Arisa Health
Arisa Health is the largest non-profit behavioral health system in Arkansas. It’s made up of four providers: Professional Counseling Associates (North Little Rock), Mid-South Health Systems (Jonesboro), Ozark Guidance (Springdale), and Counseling Associates (Conway). It operates 49 locations across 41 counties.