Boston Children’s Health Physicians targeted by BianLian ransomware group
Learn More
Boston Children’s Health Physicians (BCHP), a network of over 300 pediatric specialists affiliated with Boston Children’s Hospital, has been targeted by the BianLian ransomware group. The group claims responsibility for a cyberattack on BCHP and is threatening to leak stolen data unless a ransom is paid.
The attack began on September 6, 2024, when an IT vendor of BCHP was compromised. A few days later, BCHP detected unauthorized activity on its own network. An investigation, with assistance from a third-party forensic expert, confirmed that the attackers gained access to BCHP systems and exfiltrated sensitive data.
The breach affected current and former employees, patients, and guarantors, with potentially exposed data including:
- Full names
- Social Security numbers
- Addresses
- Dates of birth
- Driver's license numbers
- Medical record numbers
- Health insurance information
- Billing information
- Treatment information (limited)
The number of affected individuals is not disclosed.
BCHP has stated that electronic medical record systems were not impacted, as they are hosted on a separate network. As of now, no data has been leaked, which means the hackers are likely seeking to negotiate a ransom with BCHP.
BCHP plans to notify affected individuals by October 25, and those whose Social Security numbers or driver’s license numbers were exposed will be offered credit monitoring and protection services.
