Cyber Incident Victim: Olympia House Rehab
Date:
Jul 2020
Location:
United States of America
Summary
Olympia House Rehab, a California-based medical facility, was compromised in a ransomware attack by Netwalker threat actors, alongside other healthcare entities. The attackers exfiltrated data and threatened to release it unless payment was received, though no patient information had been publicly dumped at the time of reporting. The incident involved unauthorized access to systems and potential exposure of sensitive information, with no public breach notice issued by the organization despite the attackers' claims and posted screenshots as proof of infiltration.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
Olympia House Rehab, a California-based medical facility, experienced a ransomware attack attributed to the Netwalker threat group around July 2020. The incident occurred alongside similar attacks targeting Piedmont Orthopedics/OrthoAtlanta and The Center for Fertility and Gynecology, though precise intrusion timelines for Olympia House were not explicitly detailed in available reports. Attackers gained unauthorized access to systems and deployed ransomware to encrypt data, subsequently demanding payment to restore access. As proof of compromise, Netwalker operators posted screenshots of exfiltrated files on their leak site, threatening to publish the full dataset unless ransom demands were met. The facility's website displayed no breach notifications or public statements regarding the incident as of August 10, 2020. DataBreaches.net attempted to obtain confirmation and details from Olympia House Rehab but received no response prior to publication. Unlike the Piedmont Orthopedics breach where attackers leaked 3.5 GB of data containing protected health information, Netwalker had not yet executed their data dump threat against Olympia House at the time of reporting. The nature of compromised systems and exact scope of data exposure remained unverified due to the organization's non-disclosure.
The attack occurred during a concentrated wave of ransomware operations targeting healthcare providers in mid-2020, with Netwalker specifically focusing on medical practices. Potential impacts included operational disruption from system encryption and risks of sensitive patient data exposure, though neither clinical interruptions nor data categories were explicitly confirmed for Olympia House. No containment measures, recovery actions, or coordination with law enforcement were documented in available sources. The absence of HIPAA breach notifications filed with HHS by August 2020 left the incident's regulatory status unclear. While Netwalker's screenshots suggested successful data exfiltration, the lack of subsequent leaks or victim communication created uncertainty regarding final outcomes. Parallel incidents at other medical facilities demonstrated patterns of ransomware deployment followed by extortion tactics, with some attackers escalating to data publication when ransoms went unpaid. Olympia House Rehab's case remained unresolved in public records at the time of reporting, with no verifiable information regarding ransom payment, data recovery, or post-incident remediation efforts.