Ransomware Group Leaks Data of Covenant Care Patients and Employees

Hello everyone, I have a bit of a story to share, and it’s about a cybersecurity affair that’s been brewing since November. A group called Hunters International announced that they had set their sights on Covenant Care. This is not the hunters’ first outing in the digital forest, nor is it Covenant Care’s maiden voyage in dealing with cyber threats. But since Hunters International made their move, we’ve seen a rather troubling stream of patient and staff data trickling out into the world.

Now, for those of you who aren’t familiar, Covenant Care is quite a big deal over in the states of California and Nevada. They provide a whole array of services including skilled nursing, residential care, therapy, and even home health care. They offer all this across 29 locations. Impressive, right? But what’s not so impressive is their response to this high-profile cyberattack.

Since Hunters International made their move, Covenant Care has stayed quiet on their website. No announcement of a data security incident and certainly no reference to it on the Health and Human Services (HHS) public breach tool. It’s almost as if the attack hadn’t happened at all! When pressed, Covenant Care simply shrugged. There’s no hint of a disruption in their services or a hint of care. But then again, maybe they’re just playing it cool.

Several attempts were made to get some form of comment from Covenant Care. In particular, whether they have taken the steps to inform their patients that their confidential and very personal health information might have found its way into the dark corners of the web. But to date, Covenant Care has remained tight-lipped, offering no reply.

This is not the first time that Covenant Care found themselves up against the cyber ropes. They had a similar incident back in 2019, when a phishing scheme affected over 7,000 of their patients. The breach included a wealth of personal and sensitive information. Everything from names, dates of birth and even Social Security numbers. After that, they vowed to ramp up their security measures and offer support to those affected.

However, Covenant Care was back under the same cloud earlier this year, when over 23,000 patients had their data breached as part of another phishing incident. There were similar facts, similar fallout, and similar promises of “we’ll do better next time”.

Not shockingly, Covenant Care has been rather unlucky in the cybersecurity department. Following the initial cyberattack, they experienced another phishing attack from Hunters International at one of their other facilities.

So, what’s the deal with Covenant Care’s security? Well, according to Hunters International, apparently, it’s been a walk in the park. They revealed that Covenant Care’s network was ‘very weak’. This rather blatant disregard for patient data leaves a lot to be desired. As this story continues to develop, I promise to keep you updated on this case of seemingly perpetual cyber warfare. So, stay tuned everybody and remember – always double-check the emails you open! We wouldn’t want your details to end up in the virtual wilderness, would we?

by Parker Bytes