Your Local News | Allentown, Bethlehem & Easton
Play Live Radio
Next Up:
Available On Air Stations
Health & Wellness News

Hackers posted photos of LVHN cancer patients receiving treatment, hospital says

File photo
Lehigh Valley Health Network
Lehigh Valley Health Network says patient information and photos have been posted on the dark web by hackers who initiated a cybersecurity attack in February 2023.

SALISBURY TWP., Pa. - Hackers accused of initiating a cybersecurity attack on Lehigh Valley Health Network have posted patient information online, including photos of cancer patients receiving treatment.

The health network made the disclosure in a statement Tuesday.

  • The health network discovered unauthorized activity in its IT system on Feb. 6
  • It said hackers demanded a ransom that the network would not pay
  • Now it says patient photos and info have been posted on the dark web

It comes two weeks after LVHN said it was targeted by a ransomware gang known as BlackCat that had demanded a ransom that the network refused to pay.

“This unconscionable criminal act takes advantage of patients receiving cancer treatment, and LVHN condemns this despicable behavior,” LVHN spokesman Brian Downs said.

The initial attack, discovered Feb. 6, was on a network supporting a doctor’s practice in Lackawanna County, the network previously said. The network’s technology team launched an investigation, notified law enforcement and alerted cybersecurity experts.

On Tuesday, the network said stolen information posted on the dark web by BlackCat includes three screenshots of cancer patients receiving radiation oncology treatment at LVPG Delta Medix in Lackawanna County.

Also posted were seven documents containing patient information, Downs said.

The cybersecurity attack’s impact on other operations and systems was “very limited,” Downs said in a prepared statement.

“At this time, we continue our investigation and are in the process of identifying information involved in the incident,” he said.

BlackCat is reportedly tied to Russia. According to the U.S. government, it was first detected in November 2021 and targeted the health care industry.

According to Microsoft, BlackCat ransomware, also known as ALPHV, is often used for "double extortion" where attackers encrypt stolen data and then threaten to release it to the public if the ransom isn't paid.