- UK healthcare organization HCRG reportedly hit by ransomware attack
- Over 2.5TB of data offered for sale by Medusa ransomware gang
- Latest in a series of ransomware attacks targeting healthcare orgs
A private health and social services provider, the HCRG Care Group, has reportedly suffered a cyberattack at the hands of the Medusa ransomware gang.
The Register reported the gang is threatening to leak the information, which it claims to be stolen internal records. It seems the data was not encrypted by the gang, so the healthcare organization is still operational.
The Medusa gang’s dark web site claims the group has stolen 2.275TB of data, and the information is for sale for £1.6 million ($2 million), or offering to delete data for the same amount. They then threatened to leak the information online if the ransom isn’t paid by February 27.
Ongoing negotiation
Samples of the stolen data have been leaked, and of the 35 pages posted, the information seems to be passport and driving license scans, birth certificates, background checks, and staff rotas. These could put those affected at risk of identity theft, fraud, or social engineering scams.
"We can confirm that we are currently investigating an IT security incident and have recently identified a post on the dark web by a group claiming responsibility," a spokesperson for HCRG told The Register.
"Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident. Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so."
Medusa has also offered to delay the release of the information for a fee of £8,000 per day to keep negotiations open.
Healthcare organizations are increasingly the target of cyberattacks, particularly ransomware - and are forced to pay millions in recovery, with the average successful attack costing over $2.5 million to resolve.
You might also like
- Check out our list of the best firewall software around today
- Top IVF firm says hackers accessed private data during cyber incident
- We've also rounded up the best malware removal software on offer right now
