The Executive Council of Physical Therapy and Occupational Therapy Examiners (ECPTOTE) yesterday confirmed it notified an undisclosed number of people about a data breach that compromised names, Social Security numbers, and dates of birth.
Ransomware gang Hunters International claimed responsibility for the attack, saying it stole 139 GB of data (195,822 files), including that of military service members (h/t HackManac).
The ECPTOTE did not verify Hunters’ claim but did submit a notification to the Texas attorney general. The council posted a message as early as August 2, 2024 on its homepage stating its systems were temporarily down. The message was later removed today:
“Our systems are temporarily down. Our team is working diligently to resolve the issue and restore full functionality as quickly as possible. During this time, you may experience interruptions or delays in our services.”
We don’t yet know how many people are affected, how attackers breached the ECPTOTE’s network, or whether the ECPTOTE did or will pay a ransom. Comparitech contacted the ECPTOTE for comment and will update this article if it responds.
We recommend eligible victims take advantage of any free credit monitoring and/or identity theft protection services offered by the ECPTOTE.
Who is Hunters International?
Hunters International first appeared in October 2023 with some suggesting it was a spin-off of Hive. It has quickly become known for its double-extortion tactics whereby it seeks a ransom for decrypting systems and for deleting stolen data.
According to our data, Hunters International is also responsible for confirmed attacks on four other US government organizations: St. Johns River Water Management District (Florida) in November 2023, the Village of Skokie (Illinois) in December 2023, the City of St. Cloud (Florida) in April 2024, and the Lancaster County Sheriff’s Office (Virginia) in April 2024.
Since it first appeared, we’ve logged 30 confirmed attacks claimed by Hunters, seven of which were on government entities. As well as the aforementioned breaches, it also claimed attacks on Greater Napanee (Canada), Concello de Teo (Spain), and Santa Rosa Municipio (Argentina), this year.
Hunters has compromised more than 1 million records across 30 breaches in total. We tracked a further 126 unconfirmed attacks by Hunters, three of which targeted government entities.
Ransomware attacks on US government
In addition to data theft, ransomware attacks on government agencies can disrupt operations and force employees to resort to pen and paper until systems are restored. Attacks can impact billing, payroll, emergency services, websites, data storage, email, phone systems, applications, and more.
Comparitech researchers recorded 54 confirmed ransomware attacks on US government organizations so far in 2024. This year looks set to exceed 2023, during which we logged 78 such attacks. The average ransom is just under $750,000.
About the ECPTOTE
The Executive Council of Physical Therapy and Occupational Therapy Examiners is an independent state health regulatory agency in Texas. The ECPTOTE licenses and regulates physical and occupational therapists in the state.