Breaking News
More () »

Investigation in ECHN Cyberattack continues, may not be related to FBI takedown of Qakbot

The FBI who is leading the investigation into the ECHN Cyberattack has yet to say if the two are related.

WATERBURY, Conn. — Nearly a month after the cyberattack of Prospect Medical Holdings which is the parent company of the Eastern Connecticut Health Network, Waterbury Health and Waterbury Hospital effects are still being felt.

“Prospect Medical continues to work around the clock to recover the company’s critical systems and restore their integrity. The company is making progress, and some operational systems are coming online,” said Nina Kruse, Chief Communications Officer at ECHN. 

According to their website the facilities that remain closed due to the cyberattack are Outpatient Medical Imaging at Women's Center, Manchester and Rockville Hospitals, Tolland and Evergreen Imaging, as well as Outpatient blood draw. 

Tuesday U.S Attorney Martin Estrada for the Central District of California along with the FBI announced a takedown of known network used for ransomware attacks like the one affecting Connecticut health facilities. 

Estrada said it’s “The most significant technological and financial operation ever led by the Department of Justice against a botnet.”

“A botnet is a network of compromised computer systems, and the bot net master basically owns and operates all of the infected computers,” said Vahid Behzadan, Ph.D., Asst. Professor of Computer & Data Sciences at University of New Haven. 

The FBI who is leading the investigation into the ECHN Cyberattack has yet to say if the two are related. When asked about the two being related FBI Spokesperson Charles Grady for the New Haven field office said, “The FBI is aware of the cyberattack of Prospect Medical Holdings, there are no specifics I can share about the Qakbot Takedown.”

Recently, a group named Rhysida has claimed responsibility for the Cyberattack on Prospect Medical Holdings in a post on the dark web selling the information claiming they retrieved 50,000 Social Security numbers, copies of drivers licenses, and financial information. Cybersecurity experts say those claims can’t always be trusted. 

“The information that is on the dark web you cannot say can be trusted or not, unless someone is able to verify that information,” said Robin Chataut, Ph.D., Asst Professor of Cybersecurity at Quinnipiac University.

Sign up for the FOX61 newsletters: Morning Forecast, Morning Headlines, Evening Headlines

When asked about if the FBI was looking into Rhysida, Grady answered “I cannot confirm or deny the existence of an Investigation.”

A Spokesperson for ECHN told FOX61 “We have become aware that Prospect Medical data was taken by unauthorized actors, the nature of which is being actively examined. If the investigation determines that any protected health or personal information is involved, we will provide the appropriate notifications in accordance with applicable laws."

Jake Garcia is a multimedia journalist for FOX61 News. He can be reached at jgarcia@fox61.com. Follow him on FacebookX, and Instagram.


Have a story idea or something on your mind you want to share? We want to hear from you! Email us at newstips@fox61.com



Download the FOX61 News APP

iTunes: Click here to download

Google Play: Click here to download

Stream Live on ROKU: Add the channel from the ROKU store or by searching FOX61.

Steam Live on FIRE TV: Search ‘FOX61’ and click ‘Get’ to download.


Before You Leave, Check This Out