AlphV ransomware gang threatens to leak data of Pain Care Specialists

Pain Care Specialists, based in Oregon, are potentially grappling with the impact of a ransomware attack. Recent developments suggest that the entity fell victim to an attack orchestrated by a group known as AlphV. This malicious entity included Pain Care Specialists on their leak site, sharing files containing personal information concerning both employees and patients.

AlphV's listing specified that the breach occurred on September 13. The hacker group claimed to have encrypted the network and seized over 150GB of sensitive data. This encompassed a range of critical information, such as

• medical records,
• social security numbers,
• employee IDs,
• contracts,
• drug screenings,
• payments,
• other highly confidential data.

AlphV asserted that they had gained unauthorized access to federal medical regulation web-resources, enabling the management of prescribed medicine and access to medical records of various individuals.

AlphV presented Pain Care Specialists with an ultimatum, giving them until September 26 to establish contact; otherwise, they threatened to publicly release all the stolen data. AlphV also offered an option to Pain Care Specialist to pay a fee for various services, including providing a decryption tool for files and ensuring the complete deletion of their data from the hackers' servers. Failure to engage by September 26 would result in the dissemination of the leaked data, potentially leading to federal investigations and regulatory repercussions.

While the ransom amount was not specified in the email, the message from AlphV pointed out that paying extortion does not mitigate the incident's costs, incident response efforts, or potential litigation risks.

It remains unclear whether Pain Care Specialists have a backup to facilitate the restoration of their data, and no statement is available from Pain Care Specialists.