Industry News

Maze Ransomware Continues to Hit Healthcare Units amid Coronavirus (COVID-19) Outbreak

The infamous Maze Team has struck again, this time infecting an urgent walk-in care center in Texas with its system-crippling ransomware. Sticking to its traditional modus operandi, the hacking group is threatening to leak the caregiving unit’s patients’ data if ransom is not paid.

The Affordacare Urgent Care Clinic offers expert medical care for most common illnesses and injuries, complete with on-site X-ray and lab testing. The clinic’s site doesn’t say whether it also conducts tests for COVID-19 infections.

“Next time you or your family need medical care, simply walk in to one of our conveniently located clinics or check in online. We’ll get you feeling better fast,” reads a promotional message on the clinic’s home page.

Whether that statement is still valid remains to be confirmed, as hackers have allegedly infected the clinic’s systems with ransomware, which typically cripples digital equipment and hampers normal operation.

According to, AffordaCare was infected by Maze Team with ransomware on Feb. 1, but not before the hacker group stole more than 40 GB of data, including protected health information. The medical unit has yet to confirm the hack. However, Maze Team, in its trademark style, made the breach public on a website it uses to leak data stolen from victims who refuse to pay ransom.

“According to the hackers, when AffordaCare didn’t pay the demanded ransom to get a decryption key and to deter the attackers from publicly dumping the stolen data, Maze Team added the clinic to its website where it names its victims who are not cooperating with ransom demands,” reports.

And there is no reason to distrust the hackers’ claims. Maze Team is releasing samples of the stolen data, which includes: patients’ full names, Social Security number, date of birth, diagnosis code, treatment code, patient address and phone number, relevant medical history and reason for visit, billing information, insurance policy information, and more.

The dump also includes samples of data belonging to AffordaCare staff, including workers’ compensation documentation and employee payroll information.

If the hack is confirmed, AffordaCare is bound by law to disclose the breach publicly and report it to the US Department of Health and Human Services (HHS) within 60 days of learning of the incident.

With the Coronavirus outbreak in full swing, the timing couldn’t be worse for any clinic anywhere to get hit with ransomware, as evidenced by the attack on a Czech hospital and COVID-19 testing facility last week.

Here at Bitdefender we focus on keeping your devices protected from malicious activity and threats of all kinds. Now more than ever, you need autonomy and safety as you reach the world via your internet-enabled devices. That’s why we have extended the trial for our best security suite, ensuring that you can take care of your family’s devices for up to 90 days. If you’re already set up, why not make an unexpected gift to your loved ones who might not be aware of emerging cyber threats?

About the author


Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.