UK private health services firm told to pay up $2m for ransomware hit

News
By
published

Roughly 2TB of HCRG Care Group data is being held for ransom

A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
(Image credit: Getty Images)
  • UK healthcare organization HCRG reportedly hit by ransomware attack
  • Over 2.5TB of data offered for sale by Medusa ransomware gang
  • Latest in a series of ransomware attacks targeting healthcare orgs

A private health and social services provider, the HCRG Care Group, has reportedly suffered a cyberattack at the hands of the Medusa ransomware gang.

The Register reported the gang is threatening to leak the information, which it claims to be stolen internal records. It seems the data was not encrypted by the gang, so the healthcare organization is still operational.

The Medusa gang’s dark web site claims the group has stolen 2.275TB of data, and the information is for sale for £1.6 million ($2 million), or offering to delete data for the same amount. They then threatened to leak the information online if the ransom isn’t paid by February 27.

Ongoing negotiation

Samples of the stolen data have been leaked, and of the 35 pages posted, the information seems to be passport and driving license scans, birth certificates, background checks, and staff rotas. These could put those affected at risk of identity theft, fraud, or social engineering scams.

"We can confirm that we are currently investigating an IT security incident and have recently identified a post on the dark web by a group claiming responsibility," a spokesperson for HCRG told The Register.

"Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident. Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so."

Medusa has also offered to delay the release of the information for a fee of £8,000 per day to keep negotiations open.

Healthcare organizations are increasingly the target of cyberattacks, particularly ransomware - and are forced to pay millions in recovery, with the average successful attack costing over $2.5 million to resolve.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

More about security
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.

US soldier pleads guilty to AT&T and Verizon cyberattacks, linked to Snowflake data theft
healthcare

Top IVF firm says hackers accessed private data during cyber incident
A young woman and a man shaking hands over a job contract

Google's latest AI tool helps you find your perfect job
See more latest