The hack, which occurred on or before May 31, exposed around 300,000 Johns Hopkins patients’ data.
The attack is being attributed to Russian-backed ransomware gang Clop.
HHS has warned that Clop has been infiltrating a popular file transfer program called MOVEit to conduct global hacks. The Clop attack on MOVEit has compromised more than 670 organizations worldwide, including multiple U.S.-based hospital and health systems.
Cybersecurity experts told the publication that even if Johns Hopkins did everything right, it still could have fallen victim to the attack since it is only a “minor player”‘ in a massive breach. Organizations have less control over vulnerabilities in third-party software programs than they do in their own systems.
According to the publication, MOVEit was a trusted program used by large and well-known organizations.
Finance, tech and healthcare have reportedly been the industries hit hardest by the MOVEit breach.
