This morning, ransomware gang BianLian claimed the recent cyber attack on Physicians’ Primary Care of Southwest Florida. It alleges that 1.8TB of data, including medical data, contracts, IDs, email archives, and accounting data, have been stolen.
In its proof pack, BianLian claims the company was notified of the hack in September but did nothing to secure its network for two weeks. It also gives examples of the data provided to Physicians’ Primary Care of SWFL, which includes patient records, X-ray scans, and email archives.
Physicians’ Primary Care of SWFL issued a data breach notification on November 14, 2024. In it, it says, “On or about September 17, 2024, we were alerted to unauthorized access to our information technology network.” And that after investigation, it: “Determined that the unauthorized access likely began on or about September 15, 2024. It was also determined that there was potential access and/or acquisition of certain information during the incident.”
The notification doesn’t include the exact data affected but it does say that those whose Social Security Numbers or driver’s license numbers were affected will be given access to complimentary credit monitoring and identity theft protection services. It’s also unclear how many people are affected by the breach as Physicians’ Primary Care of SWFL has only added a placeholder of ‘500’ on the OCR breach portal.
Physicians’ Primary Care of SWFL hasn’t confirmed BianLian’s claims or whether or not a ransom was demanded/paid. Comparitech has contacted them for further information and will update this article if they respond.
Who is BianLian?
First appearing in late 2021, BianLian is responsible for 70 confirmed ransomware attacks, according to our data. These attacks have affected over 3 million records in total with half of these affected records being on healthcare organizations.
BianLian was recently found to be responsible for attacks on South West Family Medicine Associates where 36,959 records were affected in a July 2024 attack and Boston Children’s Health Physicians (BCHP) who was impacted via an attack on its IT provider, ATSG, Inc.
BianLian used to extort victims twice, demanding one ransom in exchange for a decryption key to restore systems, and a second ransom for not selling or publicly releasing stolen data. However, the FBI has stated that, like many other ransomware groups, BianLian has stopped encrypting systems and now solely extorts victims for stolen data.
We have also tracked 121 unconfirmed attacks via BianLian this year so far.
Ransomware attacks on the US healthcare sector
Throughout 2024, we’ve tracked 113 confirmed attacks on US hospitals and clinics. These attacks have affected over 15.2 million records and have seen an average ransom of $710,000.
Other recently confirmed attacks with significant breaches include Colonial Behavioral Health (29,930 affected in an October 2024 breach via Qilin), In-Home Attendant Services, Ltd. (22,100 affected in an October 2024 breach via ThreeAM), and Jefferson Dental Center (12,340 affected in a November 2024 attack via an unknown group). Last week, Anna Jaques Hospital also started notifying 316,000 of a data breach following a ransomware attack via Money Message in December 2023.
We have also noted 145 unconfirmed attacks on US healthcare companies this year so far.
About Physicians’ Primary Care of Southwest Florida
Formed in 1996, Physicians’ Primary Care of Southwest Florida consists of more than 45 providers located in Cape Coral, Estero, Fort Myers, and Lehigh Acres. It specializes in internal medicine, family practice, and pediatrics.
