Woonsocket, RI-based Community Care Alliance has agreed to pay $1,090,000 to resolve a class action lawsuit over a July 2024 ransomware attack by the Rhysida ransomware group.
Rhysida is a ransomware group that engages in double extortion tactics, stealing data and encrypting files. A ransom demand is issued, payment of which is required to obtain the decryption keys and to have the stolen data deleted. In contrast to many other groups that simply leak the stolen data if the ransom is not paid, Rhysida holds auctions and attempts to sell the stolen data, only leaking the stolen data if a sale cannot be secured. Rhysida claimed to have exfiltrated a 2.5 terabyte database in the attack.
Community Care Alliance discovered the attack on July 6, 2024, and determined that the ransomware group had access to its network from July 1, 2024, to July 5, 2024. During that time, data was exfiltrated, including names, addresses, birth dates, driver’s license numbers, Social Security numbers, diagnosis and condition information, lab test results, medications, health insurance information, and other sensitive data. The Community Care Alliance data breach involved the protected health information of 114,975 individuals…