Following a brief hiatus after law enforcement agencies, including Europol and the FBI, disrupted their activities, the LockBit ransomware group appears to have resumed its operations. This time, their target was the servers of Panorama Eyecare, a provider serving communities in Maine and Massachusetts, impacting the data of more than 400,000 patients.
Initial investigations suggest that the breach may have compromised sensitive patient information, including social security numbers, names, dates of birth, financial account details, dates of service, and medical insurance provider details.
In response to the breach, Panorama Eyecare has announced that all affected individuals will receive two years of free credit monitoring and identity protection services. The breach was identified on June 3, 2023, with indications that the hackers may have accessed approximately 798 gigabytes of data. Questions remain regarding the delay in disclosing the breach, given that it was promptly discovered.
Meanwhile, the US Federal Bureau of Investigation has made significant progress that could aid ransomware victims. They have obtained over 7,000 decryption keys, offering a means for victims to retrieve their data without succumbing to the demands of the LockBit ransomware group.
It’s worth noting that LockBit has targeted around 2,800 companies to date, with 1,800 of them based in the United States. Despite the media exposure of its alleged leader, Dmitry Yuryevich Khoroshev, also known as LockBitSupp, the group continues to operate with renewed determination.