The Baim Institute for Clinical Research yesterday confirmed it notified 70 people about a June 30, 2024 data breach that compromised names, Social Security numbers, and addresses.
Ransomware group RansomHub claimed responsibility for the attack and subsequently leaked 175 GB of data that it says it stole from the Baim Institute. RansomHub posted the allegedly stolen data on its leak site when the ransom payment deadline passed.
The Institute’s notice reads, “On June 30, 2024, Baim Institute detected it was the target of a cybersecurity incident. An unauthorized third party compromised Baim Institute’s computer network.”
The notice specifically mentions employee data being affected. Victims have 90 days to sign up for free credit monitoring offered by the Institute via CyberScout.
We don’t yet know how much money RansomHub demanded or how attackers breached the Institute’s network. Comparitech contacted the Baim Institute for comment and will update this article if it responds.
Who is RansomHub?
RansomHub employs a ransomware-as-a-service model in which affiliates pay to launch attacks using RansomHub’s malware and infrastructure. The group has been linked to a now-defunct ransomware group, Knight.
Comparitech researchers logged 18 confirmed attacks claimed by RansomHub so far in 2024, compromising more than 3 million records. Four of these were on healthcare companies: American Clinical Solutions, NRS Healthcare, Rite Aid, and the Baim Institute.
We tracked another 126 unconfirmed attacks claimed by RansomHub, 11 of which were against healthcare-related companies.
RansomHub grew in notoriety following high-profile attacks on UK-based NRS Healthcare, auction house Christie’s, the Florida Department of Health, and Frontier Communications. It also claimed to be in possession of data stolen from Change Healthcare, despite the company having already paid a $22 million ransom to another ransomware group, ALPHV/BlackCat.
Ransomware attacks on US healthcare businesses
Ransomware attacks, including those launched by RansomHub, often extort victims twice: once for a key to restore infected systems, and again in exchange for not selling or publicly releasing stolen data.
Hospitals, clinics, and other healthcare-related organizations are frequent targets for ransomware attacks. In addition to data theft, ransomware can disrupt key systems used for payments, appointments, medical records, and more. Hospitals and clinics might be forced to cancel appointments and divert patients elsewhere, or resort to pen and paper until systems are restored.
In 2024 to date, we recorded 60 ransomware attacks on businesses operating within the healthcare sector, including pharmaceutical companies, clinical research companies, hospitals, clinics, etc. These attacks compromised 6,196,538 records. Rite Aid was the target of one of the biggest attacks by records affected (2.2 million), for which RansomHub also claimed responsibility.
The average ransom demand for healthcare businesses is $3.2 million.
We further logged 120 unconfirmed ransomware attacks on this sector. RansomHub claimed five of these.
About the Baim Institute for Clinical Research
The Baim Institute is a non-profit academic research organization that studies drugs, medical devices, and medical diagnostics. According to its website, it boasts 1,250 studies, more than 50 FDA submissions, over 5,500 publications, and more than 160,000 enrolled participants.