The Community Clinic of Maui, also known as Mālama, revealed that over 123,000 individuals had their personal information compromised in a cyberattack that occurred in May 2024. The breach, which local news sources described as a ransomware attack, exposed sensitive data, including Social Security numbers, passport details, financial account information (with CVV numbers and expiration dates), medical treatment records, bank routing numbers, and even biometric data.
The attack took place between May 4 and May 7, forcing Mālama to take its servers offline to contain the damage. A total of 123,882 people were affected, leading to widespread outrage within the community, particularly since the clinic had to close its doors for nearly two weeks. When it eventually reopened at the end of May, operations were limited, and nurses had to rely on paper charts due to the loss of access to the clinic’s computer systems.
In response to the breach, Mālama reached out to law enforcement and hired cybersecurity experts to investigate. Their findings were confirmed on August 7. The clinic issued a notice stating that those whose Social Security numbers may have been compromised were offered complimentary credit monitoring. However, a filing with regulators in Maine contradicted this by indicating that identity theft protection services were not being provided. The organization has yet to clarify this discrepancy, despite requests for comment.
Legal action may be on the horizon, as a law firm is currently investigating potential lawsuits against Mālama over the data breach.
The attack on Mālama was claimed by LockBit, a notorious ransomware group that had been taken down by law enforcement earlier this year. In June, Europol and other agencies carried out multiple arrests and seized servers critical to LockBit’s operations in France, the U.K., and Spain. Despite these actions, the group’s previous attacks continue to have ripple effects across sectors.
Throughout 2024, healthcare systems across the U.S. have been frequent targets of cyberattacks, causing disruptions that have endangered communities. Two major healthcare systems—McLaren Health Care and Ascension—have faced severe ransomware attacks. Just last week, a level 1 trauma center in the southwest had to turn away ambulances due to a similar breach, highlighting the dangerous impact of such cyberattacks on critical infrastructure.
Sponsored • TRJ Ads
Inquiries: contact@therealistjuggernaut.com
