Texas based medical center ‘Oakbend’ victims of ransomware attack

A medical center known as Oakbend Medical Center discovered an encrypted file from within their network at the beginning of September this year. To mitigate the potential of the attack, Oakbend Medical Center instantly gave the order to its IT department to shut down all of its systems upon discovery of the encrypted file. Following this, the attack was then reported to the United States. To ascertain the nature of the attack and what data the threat actors may have potentially gained, the Fort Bend County Government Cyberteam, the Cyber-Defense Campus, and the Federal Bureau of Investigation jointly initiated an investigation.
In addition to employing cybersecurity experts from Microsoft, Dell, and Malware Protects cybersecurity to undertake an investigation to assess the attack and examine its system cybersecurity, the Oakbend Medical Center’s CFO and IT department safeguarded all patient-centric systems. Following cleaning of those systems, meticulous work began to rebuild and repair them in a swift, yet cautious manner.Patient safety has never been in risk, and the medical facility has continued to run despite minor disruption and brief communication issues for patients, suppliers, doctors, and administrators.
Two weeks following Oakbend discovering the breach in their network, the medical center let its patients know that they may reach the hospital by phone and email. Although the center’s email is now operational again following the attack, its phone system is still functional but lacks sufficient voicemail features. By the end of the week, Oakbend intends to have the situation under full control. The medical facility was unable to ascertain whether the attackers’ exfiltrated files contained private patient data. On its data leak website, the ransomware group Daixin Team, however, claimed that the files that had been encrypted contained details including full names, birth dates, medical record numbers, patient account numbers, Social Security numbers, and personal health data. The group who carried out the attack has recently threatened to disclose all the stolen information, which is is alleged to include sensitive health information for just under one million individuals associated with Oakbend. Despite this, Oakbend Medical Center has opted not to pay the demanded ransom, and all contact between the parties has ceased following the threat.