Axis Health System suffers cyberattack

Colorado-based Axis Health System experienced a cyberincident, it stated in a brief notice posted on its website. Axis stated that it quickly followed its incident response protocol and is actively investigating the incident. The health system's patient portal was offline during the response.

Axis Health System, which offers mental healthcare, primary care and dental services across 13 locations in Southwest and Western Colorado, said it would notify patients directly if it determines that patient data was affected during the incident.

Rhysida ransomware cyberthreat actors claimed responsibility for the cyberattack and threatened to release data on the dark web if Axis does not pay its price.

As previously reported, Rhysida emerged in May 2023 and is known to target victims around the world. In November 2023, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC) issued a joint cybersecurity advisory to warn critical infrastructure entities about Rhysida.

Analysts have observed Rhysida taking advantage of external-facing remote services, using living-off-the-land techniques and other tactics to persist within the target network. At the time of the alert, Rhysida had predominantly been used against healthcare, education, manufacturing, information technology and government entities.

In reaction to the Axis Health System incident, Todd Weber, vice president of professional services at security company Semperis, credited Axis Health System for having backup and recovery plans in place based on its notice to the public. However, Weber also stressed the troubling trend of ransomware in healthcare.

"Cyberattacks on healthcare organizations and hospitals, specifically, are disturbing, because patient care is at risk when threat actors encrypt systems and demand a ransom payment be made," Weber told TechTarget Editorial. "Unfortunately, dozens of hospitals have been attacked this year. And I see no end in sight."

Jill McKeon has covered healthcare cybersecurity and privacy news since 2021.