- The British Health Organization HCRG allegedly affected by ransomware -attack
- Over 2.5 TB of data offered for sale by Medusa Ransomware Gang
- Latest in a series of ransomware -attacks targeting health organs
A private health and social provider, HCRG Care Group, reportedly has suffered a cyberattack in the hands of the Medusa Ransomware band.
Registered reported that the gang is threatening to leak the information it claims to be stolen internal items. It seems that the data was not encrypted by the gang, so the health organization is still operational.
The Medusa band’s dark site claims the group has stolen 2,275TB data and the information is for sale for 1.6 million pounds ($ 2 million) or offers to delete data for the same amount. They then threatened to leak the information online if ransom is not paid by February 27th.
Ongoing negotiation
Samples of the stolen data are leaked, and of the 35 pages sent, the information appears to be passport and driver’s license scans, birth certificates, background checks and staff Rotas. These could put those who are affected at risk of identity theft, scams or scams with social technique.
“We can confirm that we are currently investigating an IT security event and recently identified a post on the dark web of a group claiming responsibility,” a HCRG spokesman told HCRG Registered.
“Our team has not observed any suspicious activity since the implementation of immediate inclusion measures and we work with external forensic specialists to investigate the incident. Our services continue to operate and safely see patients, and those with appointments or need to get Access to our services should continue to do so.
Medusa has also offered to delay the release of the information against a fee of £ 8,000 per Day to keep the negotiations open.
Health organizations are increasingly the target of cyberattacks, especially ransomware – and is forced to pay millions in improvement, with the average successful attack that costs over $ 2.5 million to solve.
