Last week, Rhode Island’s largest non-profit opioid treatment provider, CODAC Behavioral Health, began issuing data breach notifications following a cyber attack in July 2024. This attack was claimed by ransomware gang Qilin in August, with 9GB of data allegedly stolen.
In its notification, CODAC said: “On July 24, 2024, CODAC detected suspicious activity in its network environment.” After securing its network and conducting an investigation, it found that “certain information was accessed and copied without authorization.”
This information includes:
- Names
- Dates of birth
- Medical diagnosis and treatment information
- Health insurance information
- Medical record number
- Date of service
- Social Security number
CODAC is offering those affected 24 months of credit monitoring services through Cyberscout.
CODAC hasn’t confirmed Qilin’s claims, whether a ransom was demanded and/or paid, or how many people were impacted in total. Comparitech contacted CODAC for more information and will update this article if it responds.
Who is Qilin?
Qilin, also known as Agenda, is a Russia-based hacking group that mainly targets victims through phishing emails to spread its ransomware. Its attacks usually involve double extortion, in which Qilin demands payment to decrypt files encrypted by its ransomware and a second payment in exchange for not releasing or selling stolen data. It also offers ransomware-as-a-service to third parties.
Qilin first appeared in August 2022 and, since then, we’ve tracked 40 confirmed attacks by this group. These attacks have affected nearly 1.5 million records in total.
Other recently confirmed attacks by this group include one on accounting firm LaMear & Rapert, LLC, which began issuing data breach notifications late last week following an attack in October 2024 (4,062 affected). The City of West Haven also confirmed it had been hit by an attack this month, which Qilin took responsibility for.
Last year, we tracked 145 unconfirmed attacks by this group and have seen a further 12 this year so far.
Ransomware attacks on US healthcare companies
Throughout 2024, Comparitech logged 130 ransomware attacks on US hospitals, clinics, and other direct care providers. These attacks impacted nearly 21.8 million records and saw an average ransom of just over $1 million.
Ransomware attacks on the healthcare sector not only have a detrimental effect on patient care as key systems are taken down but can also have long-term effects when sensitive patient data is stolen.
Other recently confirmed attacks include one on Allegheny Health Network (AHN), which started notifying patients of a breach last week following a cyber attack in October 2024. This attack was claimed by LockBit at the time.
In addition to the attacks confirmed by affected entities, we noted 145 unconfirmed attacks in this sector during 2024, with eight more noted so far this year.
About CODAC Behavioral Health
Located in Rhode Island, CODAC Behavioral Health is the state’s largest and oldest non-profit provider of treatment for Opioid Use Disorder (OUD). It has seven locations and serves 13,000 people every year.