{ "id": "737b7faa-767c-4780-b1f7-ed0bd0fda879", "created_at": "2026-04-06T00:21:22.866082Z", "updated_at": "2026-04-10T03:20:40.919218Z", "deleted_at": null, "sha1_hash": "536c81caf979573fa6183cb67553af383d962492", "title": "Netwalker Ransomware Stole Data After Targeting Lorien Health Services", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 39443, "plain_text": "Netwalker Ransomware Stole Data After Targeting Lorien Health\r\nServices\r\nBy Abeerah Hashim\r\nPublished: 2020-07-23 · Archived: 2026-04-05 15:05:44 UTC\r\nMaryland-based nursing home facility Lorien Health Services has disclosed a ransomware attack. The incident\r\nimpacted the data of around 50 thousand individuals.\r\nLorien Health Services Suffered Ransomware Attack\r\nIn a recent security note, Lorien Health Services disclosed that it suffered a ransomware attack.\r\nAs revealed, the incident hit the health facility on June 6, 2020, and the malware encrypted part of its data.\r\nThough, the facility quickly detected the incident and engaged cybersecurity experts to investigate the matter.\r\nConsequently, on June 10, 2020, the investigated revealed that the attackers accessed personal information of\r\nLorien Health Services customers.\r\nAccording to the report Lorien Health Services submitted to the U.S. Department of Health and Human Services\r\nOffice for Civil Rights (OCR), the incident precisely affected 47754 individuals.\r\nRegarding the stolen information, the facility’s security notice revealed:\r\nThe information may have included residents’ names, Social Security numbers, dates of birth,\r\naddresses, and health diagnosis and treatment information.\r\nFollowing the incident, the service reported the matter to the FBI and notified the affected customers of the matter.\r\nThey are also offering credit monitoring and identity protection services to the victims as well.\r\nNetwalker Leaked Stolen Data Online\r\nThough, Lorien Health Services did not specifically state anything about the attackers. Nonetheless, according to\r\nBleepingComputer, the service fell prey to the Netwalker ransomware gang.\r\nAs reported, Netwalker operators already disclosed the incident in June 2020, the same month of the attack. They\r\nshared screenshots of directory listings belonging to the facility as proof of the attack.\r\nFor now, they have dumped part of the stolen data online as a 147MB password-protected archive and the unlock\r\nkey.\r\nBesides, since they named this file as ‘Part 1’, they potentially hint about sharing more data in the future.\r\nhttps://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/\r\nPage 1 of 2\n\nThough it remains unclear whether Lorien Health Services paid the ransom to the attackers, or the threat actors\r\npublished the data as revenge for non-payment.\r\nLet us know your thoughts in the comments.\r\nAbeerah Hashim\r\nAbeerah has been a passionate blogger for several years with a particular interest towards science and technology.\r\nShe is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity,\r\nhacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than\r\nweb surfing and staying updated about the tech world! Reach out to me at: abeerah@latesthackingnews.com\r\nSource: https://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/\r\nhttps://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "references": [ "https://latesthackingnews.com/2020/07/23/netwalker-ransomware-stole-data-after-targeting-lorien-health-services/" ], "report_names": [ "netwalker-ransomware-stole-data-after-targeting-lorien-health-services" ], "threat_actors": [], "ts_created_at": 1775434882, "ts_updated_at": 1775791240, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/536c81caf979573fa6183cb67553af383d962492.pdf", "text": "https://archive.orkl.eu/536c81caf979573fa6183cb67553af383d962492.txt", "img": "https://archive.orkl.eu/536c81caf979573fa6183cb67553af383d962492.jpg" } }