In a concerning turn of events, the notorious Rhysida ransomware group has claimed Prospect Medical Holdings data breach, leaving a trail of data breaches in its wake. The group has not only infiltrated the company’s defenses but has also claimed to possess sensitive information, which they intend to auction on the dark web.
The situation took a grave turn when the Rhysida ransomware group declared their latest conquest, Prospect Medical Holdings, and revealed their intentions on their dark web platform. The cybercriminals boast access to an extensive trove of data, including over 500,000 Social Security Numbers (SSNs), passports, driver’s licenses, comprehensive patient details, as well as an array of financial and legal documents. 
Their message was direct and unambiguous: “Auctions – Prospect Medical Holdings – BIG sale!”
Prospect Medical Holdings data breach
Source: Twitter
Prospect Medical Holdings, a healthcare institution known for its commitment to patient care, has been forced to confront this breach head-on. The breached data reportedly spans a vast spectrum, encompassing confidential patient files, medical histories, financial records, and legal documents. 
The Prospect Medical Holdings data breach breach not only poses a significant threat to the privacy of those affected but also highlights the vulnerability of even well-established entities to cyberattacks. 
“They kindly provided: more than 500000 SNNs, passports of their clients and employees, driver’s licenses, patient files (profile, medical history), financial and legal documents! If you are interested in our partner’s confidential documents, you will be able to purchase them too! Total 1TB unique files, as well as 1.3TB SQL database”, reads the threat actor post. 
Source: Twitter
As of now, the exact details behind the Prospect Medical Holdings data breach remain shrouded in uncertainty. In response to the situation, the company issued a statement on its official website acknowledging the systemwide outage and assuring its clients that measures were being taken to rectify the issue promptly. The disruption has led to an inconvenience that Prospect Medical Holdings deeply regrets.
“Prospect Medical Holdings, along with all Prospect Medical facilities, is experiencing a systemwide outage. We are working to resolve the issue as soon as possible and regret any inconvenience”, reads the company statement.
The crime spree of Rhysida ransomware group
Despite the turmoil caused by this breach, Prospect Medical Holdings has yet to release an official statement addressing the situation.
The Cyber Express has reached out to the company to learn more about the Prospect Medical Holdings data breach but we’re yet to receive any official confirmation about the attack, leaving the claims for the Prospect Medical Holdings data breach unverified. 
The Prospect Medical Holdings data breach is the not the first incident that Rhysida ransomware group has made headlines with. Previously, the same group had targeted the National Institute of Social Services for Retirees and Pensioners, known as Programa de Atencion Medica Integral (PAMI), in Latin America. 
The breach revealed the group’s audacious nature, making brazen ransom demands and even posting samples of exfiltrated data on their dark web platform. The urgency of the Prospect Medical Holdings situation underscores the pressing need for organizations, regardless of size or industry, to fortify their cybersecurity infrastructure. 
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.