top of page


  • Marijan Hassan - Tech Journalist

Norton Healthcare confirms data breach following its May ransomware attack

Norton Healthcare based in Kentucky has confirmed that what it initially thought was just a ransomware attack was also a data breach event. According to new findings, personal information belonging to patients, employees, and dependents was exposed in the attack.

"On May 9, 2023, Norton Healthcare discovered that it was experiencing a cybersecurity incident, later determined to be a ransomware attack," it said in a press release published on Friday, last week.

"Norton Healthcare notified federal law enforcement and immediately began working with a respected forensic security provider to investigate and terminate the unauthorized access.”

The company noted that the attackers were able to access certain network storage devices between May 7, 2023, and May 9, 2023, allowing them to steal a wide range of sensitive information. This includes name, contact information, Social Security Number, date of birth, health information, insurance information, and medical identification numbers.

Norton Healthcare says that, for some victims, the breached data may extend to financial account numbers, driver's licenses or other government ID numbers, and digital signatures.

Victims of the attack will receive two years of free credit protection services and additional information in breach notification letters.

The Black Cat ransomware group whose website is currently down in what seems to be a crackdown by law enforcement, claimed responsibility for the attack.

The healthcare sector has been a prime target for cybercriminals this year. This can be attributed to the sensitive nature of their operations which makes them more likely to pay ransom.

Cybercriminals have also resorted to employing double extortion where they steal sensitive data on top of encrypting critical business infrastructure.


bottom of page