swidup
commented
1 year ago https://www.theregister.com/2023/02/11/ransomware_regal_medical_group/
"According to the Southern California health-care organizations, which include Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical, the security breach happened around December 1, 2022.
"After extensive review, malware was detected on some of our servers, which a threat actor utilized to access and exfiltrate data," according to a notice posted on Regal's website and filed with the California Attorney General's office [PDF]."
https://oag.ca.gov/system/files/Regal%20John%20Doe%20Letter%20Feb%201%202023.pdf
https://www.databreaches.net/four-more-attacks-on-the-healthcare-sector-weekend-edition/
"Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical (collectively, “Regal”) have been notifying patients about a breach that resulted from a ransomware attack.
In their notification of February 1, Regal writes that they first became aware of the December 1 breach on December 8, 2022. On December 2, they noticed difficulty accessing some servers and discovered malware on some servers. That malware resulted in access to and exfiltration of some data.
Personal information that may have been affected included
Regal’s notification to the California Attorney General’s Office does not identify the type of ransomware, whether they received a ransom demand, and whether they paid ransom, but as of publication, none of the Regal Group entities have shown up on any dark web leak site operated by various ransomware gangs.
The incident has not yet been posted to HHS’s public breach tool, so we do not yet know the total number of patients affected."