hypertension nephrology associates ransomware

Pennsylvania medical practice Hypertension Nephrology Associates over the past week notified 39,491 people of a January data breach that compromised patient names, Social Security numbers, and health insurance ID numbers, among other data.

Ransomware gang BianLian claimed responsibility for the attack, saying it stole 506 GB of data including finance, human resources, health, and other personal info, plus test results, email correspondence, and SQL databases.

Hypertension Nephrology Associates released a statement on May 14, 2024 stating, “The forensic investigation determined the cybercriminals accessed the Practice’s systems containing information on both current and former patients between January 20, 2024, and February 6, 2024. During this time, they exfiltrated data containing [personal health information].”

The practice hasn’t confirmed BianLian’s claim. We don’t yet know how attackers breached HNA’s claims, how the attack affected HNA’s systems, how much the ransom is, and whether HNA intends to pay it. Comparitech contacted Hypertension Nephrology Associates for comment and will update this article if it hears back.

Comparitech recommends victims take advantage of the free credit monitoring offered by HNA. Keep an eye on your credit reports, account statements, and medical bills for signs of fraud.

Who is BianLian?

First appearing in late 2021, BianLian has been confirmed as the group behind 39 ransomware attacks worldwide, according to our data, affecting 1,274,805 records in total. Its targets span the government, healthcare, and education sectors, including Save the Children, Air Canada, and Australia’s critical infrastructure.

BianLian has claimed seven confirmed attacks so far this year, including Optometric Physicians of Middle Tennessee and Lindsay Municipal Hospital. It was also behind the Q Financial attack that affected 211,650 records.

On top of that, we’ve recorded 158 unconfirmed attacks by BianLian — 65 of which are for this year.

Ransomware attacks on US healthcare

Since 2018, we’ve recorded 536 confirmed ransomware attacks on US healthcare organizations, affecting 68.8 million records.

129 occurred in 2023 (21,285,605 records affected) and 17 so far in 2024 (988,350 records affected).

We’ve also logged 78 unconfirmed attacks on US healthcare entities so far this year.

Ransomware attacks on US healthcare organizations can cripple key systems and endanger the privacy and security of patients. Hospitals and clinics may have to resort to pen and paper, cancel certain appointments, and divert patients elsewhere until systems are restored.

About Hypertension Nephrology Associates, P.C.

Hypertension Nephrology Associates is a medical practice spanning three locations in Pennsylvania. It offers treatment for hypertension and kidney disease.