Over 21K Equinox patients, staff impacted by LockBit-claimed attack

New York-based health services provider Equinox had information from 21,565 patients and employees compromised following an April cyberattack, which was claimed by the LockBit ransomware operation, according to The Register.

Threat actors who infiltrated Equinox's systems on Apr. 29 were able to exfiltrate digital files containing individuals' names, birthdates, addresses, Social Security numbers, passport numbers, driver's license or other government identification numbers, health insurance information, financial account details, treatment and diagnosis data, and/or medication details, said Equinox in breach notification letters. Such a disclosure comes after LockBit admitted the theft of 49 GB of data from the Equinox's systems, with the ransomware gang eventually exposing 31.8 GB of data after the health provider failed to pay the demanded ransom in August. Despite having been disrupted by an extensive law enforcement operation in February, LockBit 3.0 was noted by the Palo Alto Networks Unit 42 threat research team to continue being the most dominant ransomware group this year.