- According to reports, the United Kingdom Health Health Organization HCRG hit Ransomware Attack
- More than 2.5 TB of data offered for sale by Medusa Ransomware Gang
- The latest in a series of ransomware attacks aimed at medical care org
According to reports, a private health and social services provider, the HCRG care group, has suffered a cyber attack at the hands of the Medusa ransomware.
The registration He informed that the gang threatens to filter the information, which claims to be stolen internal records. It seems that the data were not encrypted by the gang, so the medical care organization is still operational.
The Dark Website of the Medusa gang states that the group has stolen 2,275TB of data, and the information is for sale for £ 1.6 million ($ 2 million), or offering delete data for the same amount. Then they threatened to filter the online information if the rescue is not paid before February 27.
Continuous negotiation
Samples of stolen data have been leaked, and the 35 pages published, the information seems to be passport scans and driver’s license, birth certificates, background and broken personnel verifications. These could put those affected at risk of identity theft, fraud or social engineering scams.
“We can confirm that we are currently investigating a IT security incident and recently we have identified a publication in the dark network by a group that claims responsibility,” said a HCRG spokesman for HCRG. The registration.
“Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident. Our services continue to operate and safely see patients, and those with appointments or who need to access our services should continue to do it. “
Medusa has also offered to delay the release of information for a rate of £ 8,000 per day to maintain open negotiations.
Medical care organizations are increasingly the objective of cyber attacks, particularly ransomware, and are forced to pay millions in recovery, with the average successful attack that costs more than $ 2.5 million to resolve.
