Maze Ransomware Continues to Hit Healthcare Units amid Coronavirus (COVID-19) Outbreak

The infamous Maze Team has struck again, this time infecting an urgent walk-in care center in Texas with its system-crippling ransomware. Sticking to its traditional modus operandi, the hacking group is threatening to leak the caregiving unit’s patients’ data if ransom is not paid.

The Affordacare Urgent Care Clinic offers expert medical care for most common illnesses and injuries, complete with on-site X-ray and lab testing. The clinic’s site doesn’t say whether it also conducts tests for COVID-19 infections.

“Next time you or your family need medical care, simply walk in to one of our conveniently located clinics or check in online. We’ll get you feeling better fast,” reads a promotional message on the clinic’s home page.

Whether that statement is still valid remains to be confirmed, as hackers have allegedly infected the clinic’s systems with ransomware, which typically cripples digital equipment and hampers normal operation.

According to, AffordaCare was infected by Maze Team with ransomware on Feb. 1, but not before the hacker group stole more than 40 GB of data, including protected health information. The medical unit has yet to confirm the hack. However, Maze Team, in its trademark style, made the breach public on a website it uses to leak data stolen from victims who refuse to pay ransom.

“According to the hackers, when AffordaCare didn’t pay the demanded ransom to get a decryption key and to deter the attackers from publicly dumping the stolen data, Maze Team added the clinic to its website where it names its victims who are not cooperating with ransom demands,” reports.

And there is no reason to distrust the hackers’ claims. Maze Team is releasing samples of the stolen data, which includes: patients’ full names, Social Security number, date of birth, diagnosis code, treatment code, patient address and phone number, relevant medical history and reason for visit, billing information, insurance policy information, and more.

The dump also includes samples of data belonging to AffordaCare staff, including workers’ compensation documentation and employee payroll information.

If the hack is confirmed, AffordaCare is bound by law to disclose the breach publicly and report it to the US Department of Health and Human Services (HHS) within 60 days of learning of the incident.

With the Coronavirus outbreak in full swing, the timing couldn’t be worse for any clinic anywhere to get hit with ransomware, as evidenced by the attack on a Czech hospital and COVID-19 testing facility last week.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top