- Comparitech Stack Report
- Posts
- Ransomware Hits Resource Corporation of America
Ransomware Hits Resource Corporation of America
Taylor Hawes
February 25, 2026
From the Editor’s Desk
Healthcare vendors remain prime ransomware targets, yet many still rely on legacy systems and third-party billing partners with broad data access. At the same time, maritime operators are facing sharper scrutiny as ships become connected nodes in global supply chains. The past week shows one pattern clearly: operational technology and service providers are now squarely in attackers’ sights.
🔎 Deep Brief
Ransomware Hits Resource Corporation of America
Houston-based medical billing company, Resource Corporation of America (RCA), confirmed that unauthorized actors accessed its systems between December 9 and December 17, 2025. In a public notice, the company stated it became aware of suspicious activity on December 17 and later confirmed that files were copied from its network.
Stolen data may include names, Social Security numbers, dates of birth, addresses, health insurance details, and medical diagnosis and treatment information. Shortly after the incident window, two ransomware groups - Medusa and Qilin, claimed responsibility. Medusa publicly demanded $800,000 and posted sample images of alleged stolen documents on its leak site. Qilin also claimed the breach but did not disclose a ransom demand.
RCA has not confirmed either group’s claims.
Takeaway
Medical billing firms sit at a high-risk intersection of financial and clinical data. Network segmentation, strict access control, and continuous third-party oversight are core defenses against both data theft and operational disruption.
Put your emails on autopilot, and your business results in overdrive.
Marketing that runs itself? Yeah, that’s a thing now.
Constant Contact has automation tools that run in the background so you don’t have to. Emails, texts, offers — they go out exactly when you want them to, without needing to hit send every time.
Want to make customers feel seen? Use an automation template to send birthday wishes. Trying to boost sales? Set up an abandoned cart email — it’s a friendly reminder that often leads to actual purchases. Got customers who’ve gone MIA? Send a promo or offer to bring them back.
Are you ready to stop spending time on repetitive stuff? Then give Constant Contact’s automation tools a try. It’s free to get started, and honestly? It’s kind of a game changer.
🧠 Strategy in Action
Maritime Cybersecurity Meets Policy and Engineering
Between 2024 and 2025, cyberattacks against the maritime sector increased in both frequency and technical depth. In response, CYTUR Inc. released its 2026 Maritime Cyber Threat White Paper, based on incident data gathered through its maritime threat intelligence platform, CYTUR-TI.
The report shows that expanded shipboard satellite communications have widened attack surfaces across global fleets. A major shift involves ransomware moving beyond traditional IT systems into operational technology. Attackers are now targeting ballast water controls, engine monitoring systems, and other vessel-critical OT components, causing operational stoppages rather than limited office disruption.
Takeaways:
Maritime cybersecurity is now tied directly to vessel certification and delivery approval. Operators are shifting from perimeter defense models to resilience planning, with incident recovery capability becoming a core operational requirement.
🕵️ Threat Actor Spotlight
APT1
APT1, also known as Comment Crew or PLA Unit 61398, is a China-linked cyber espionage group identified as one of the most persistent and prolific Advanced Persistent Threat (APT) actors. It has been attributed to the People’s Liberation Army (PLA) of China and is known for large-scale cyber intrusions targeting corporations and government agencies worldwide. Operating since at least 2006, this group targets global industries to steal massive amounts of intellectual property. They are known for using spear-phishing and custom backdoors strategies.
🛠️ Tool Check
Best Ping Monitoring Tools
Ping monitoring tools track the uptime and responsiveness of network devices. It can detect when a device becomes unreachable or experiences increased response times.
Here is our list of the top ping monitoring tools:
Domotz - Best for multi-site businesses and MSPs.
Paessler PRTG - Best for businesses of all sizes (free for small).
Site24×7 - Best for multi-website owners with time constraints.
ManageEngine OpManager - Best for all but very smallest businesses (free limited).
ManageEngine Applications Manager - Best for multi-site/cloud app monitoring (free for small).
🗣️ Community Signal
Claude Code Security is another example of how AI is disrupting existing technologies. And the equity market’s reaction was indicative of how this threat of disruption is met with fear versus excitement around the opportunity it presents. Of course AI will subsume certain categories, but the market hasn’t yet calibrated where these changes may in fact create tailwinds for growth. Steve Vintz, Co-Chief Executive Officer at Tenable.
📚 Don’t Miss This
|
Until Friday’s edition - Let’s keep that zero-day count at zero!