嗯,用户让我总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”或者“这篇文章”这样的开头。直接写描述就行。 首先,我需要通读文章,抓住主要信息。文章讲的是Everest勒索软件攻击了Vikor Scientific的供应商Catalyst RCM,导致14万患者的资料被盗。数据泄露包括个人文件、电子健康记录、患者隐私信息、账单信息等。Catalyst在11月13日发现可疑活动,调查后发现有人滥用授权登录,在11月8-9日访问服务器并复制数据。Everest随后在Tor网站上泄露了这些数据,包括25,303个PDF文件和1,344个PDF文件。Catalyst通知了受影响的人,并提供了信用监控服务。 接下来,我需要把这些信息浓缩到一百字以内。重点包括:勒索软件攻击、供应商被黑、患者数据被盗、涉及人数、泄露的数据类型、以及应对措施。 可能的结构是:Everest勒索软件攻击Vikor Scientific的供应商Catalyst RCM,导致近14万患者的数据泄露,包括个人和医疗信息。Catalyst未支付赎金,数据被公开。公司已通知受影响者,并提供信用监控。 检查一下字数是否合适,确保不超过一百字。 </think> Everest勒索软件攻击Vikor Scientific的供应商Catalyst RCM,导致近14万患者的数据泄露,包括个人和医疗信息。Catalyst未支付赎金,数据被公开。公司已通知受影响者,并提供信用监控服务以应对潜在风险。 2026-2-24 08:37:25 Author: securityaffairs.com(查看原文) 阅读量:7 收藏
Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen
Pierluigi Paganini
February 24, 2026
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people.
The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of Health and Human Services (HHS).
The incident stems from the attack on Catalyst RCM, a third-party provider of revenue cycle management services. Around November 13, 2025, Catalyst detected suspicious activity in its secure file system. The company launched an investigation into the incident that revealed that an authorized login was misused to access a server on November 8–9, 2025, and copy data without permission.
In November 2025, the Everest ransomware group added Vikor Scientific and its affiliated labs, KorPath and Korgene, to its Tor data leak site. Catalyst RCM likely did not pay the ransom, and the cybercrime gang published allegedly stolen data, including Vikor Scientific documents.
The group claimed the theft of “internal company documents contains a huge variety of personal documents, EMRs, Patient’s private information, Billing information etc.”.
Everest claimed the theft of the Vikor Scientific database containing 25,303 PDF files (9.39 GB) and Korgene database containing 1,344 PDF Files (505 mb).
Catalyst reviewed the information to identify sensitive data and notify potentially affected individuals, completing this process by December 12, 2025.
“The categories of information that may be involved varies by individual, but could include some combination of name, date of birth, payment card information with access code, medical treatment, history, or diagnosis information, and health insurance information.” reads the data breach notification published by Catalyst RCM.
After discovering the breach, Catalyst notified partners and conducted a thorough review of potentially compromised data, updating policies to prevent future incidents. The company is not aware of any identity theft or fraud, they offer free credit monitoring and identity restoration to the impacted people. Individuals are encouraged to monitor accounts, review credit reports, and follow guidance on freezes, alerts, and protecting personal information.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Vikor Scientific)
如有侵权请联系:admin#unsafe.sh