Johns Hopkins Health System Suffers Cyberattack

June 16, 2023 - Johns Hopkins University and Johns Hopkins Health are actively investigating a cyberattack and data breach that occurred on May 31. Johns Hopkins said that the attack involved a “widely used software tool” and impacted “thousands of other large organizations across the world.”

While the notice does not explicitly mention MOVEit, the timeline of the attack lines up with the discovery of a critical vulnerability in Progress Software’s MOVEit Transfer software, a widely used software tool.

As previously reported, Clop ransomware has taken a special interest in this vulnerability and began exploiting the previously unknown SQL injection vulnerability on May 27.

“The probability of cyber threat actors, including Cl0p, targeting the healthcare industry remains high,” HC3 said in a May 2023 alert. “Prioritizing security by maintaining awareness of the threat landscape, assessing their situation, and providing staff with tools and resources necessary to prevent a cyberattack remains the best way forward for healthcare organizations.”

Johns Hopkins said that it immediately took steps to secure its systems and engaged cybersecurity experts and law enforcement to assist in the investigation.

“Our initial investigation suggests that the data breach may have impacted sensitive personal and financial information, (including names, contact information, and health billing records). We are working now to assess the full scope of the incident and will be reaching out to all impacted individuals in the coming weeks,” the notice stated.

Johns Hopkins said it would notify impacted individuals of the breach as soon as it found out the full scope of the incident. The university also plans to offer credit monitoring services to the impacted individuals.