Turning Point of Central California over the weekend confirmed it notified at least 500 people of a May 2024 data breach that compromised current and former employee names, Social Security numbers, and addresses.
Ransomware group Abyss claimed responsibility for the attack shortly after it occurred and gave Turning Point until July 2 to pay a ransom, or else the stolen data would be sold to a third party or released publicly.
Turning Point has not verified Abyss’ claim. We do not yet know exactly how many people were notified, whether Turning Point paid a ransom, how much Abyss demanded, or how attackers breached Turning Point’s network. Comparitech contacted Turning Point for comment and will update this article if they respond.
“In May 2024, we identified suspicious activity on the system, and discovered that an unauthorized user had gained access to the system,” the notice (PDF) states. “Since the incident, we have changed passwords to user accounts, and tightened endpoint monitoring controls, among other measures.”
Eligible victims can enroll in free identity theft protection services offered by Turning Point via IDX. The enrollment deadline is November 30, 2024.
Who is Abyss?
Abyss Locker first emerged in March 2023 and primarily targets VMware ESXi environments. It often extorts victims twice: once to restore encrypted systems, and again in exchange for not selling or publicly releasing stolen data. Abyss’ victims span the healthcare, manufacturing, and education sectors.
Comparitech researchers logged seven confirmed ransomware attacks claimed by Abyss so far in 2024, affecting 6,496 records. Last year, we recorded eight attacks affecting 254,176 records.
Abyss claimed another 21 attacks that have not been confirmed by victims so far this year. Six of those occurred in August, suggesting a resurgence of group activity.
Ransomware attacks on US healthcare
Ransomware attacks on healthcare facilities can disrupt appointment booking, access to medical records, billing, payroll, and communication systems, to name a few. Hospitals and clinics are forced to pay a ransom to decrypt systems that the ransomware has encrypted, and/or to prevent the attacker from selling or publicly releasing stolen data.
In 2024 so far, Comparitech tracked 69 attacks on the US healthcare sector, affecting nearly 7.2 million records. That’s on track to be fewer than last year, during which we recorded 167 attacks affecting about 48 million records.
The average ransom for US healthcare companies is $2.4 million.
Recent confirmed ransomware targets in US healthcare include Bayhealth Medical Center (Rhysida, $1.4m ransom), McLaren Health Care (INC), and Mount Carmel Care Center (Medusa, $300,000).
Another 137 attacks on US healthcare entities have been claimed but not confirmed.
About Turning Point of Central California
Turning Point of Central California (TPOCC) is a rehabilitation clinic in Fresno, California that serves residents of 10 nearby counties. Its service areas include behavioral and mental health, substance abuse, recovery, employment, housing assistance, community corrections, an residential treatment. According to its LinkedIn profile, TPOCC employs more than 700 people.