TechCrunch News 02月20日
UK healthcare giant HCRG confirms hack after ransomware gang claims theft of sensitive data
index_new5.html
../../../zaker_core/zaker_tpl_static/wap/tpl_guoji1.html

 

英国最大的独立社区医疗服务提供商HCRG Care Group подтвердила正在调查一起网络安全事件,原因是勒索软件组织Medusa声称已入侵该公司系统,窃取了大量敏感数据。被盗数据样本包括员工个人信息、敏感医疗记录、财务记录和政府身份证明文件等。HCRG已向英国信息专员办公室和其他监管机构报告了此次违规事件,并正在与外部取证专家合作调查该事件。Medusa勒索软件组织威胁称,除非HCRG支付200万美元的赎金,否则将公布被盗数据。

🚨HCRG Care Group是英国最大的独立社区医疗服务提供商之一,与英国国家医疗服务体系信托机构和地方当局合作,提供包括紧急护理、性健康以及成人和儿童社会护理服务。

⚠️Medusa勒索软件组织声称已入侵HCRG公司系统,窃取了超过2TB的数据,并在暗网泄露站点上公布了HCRG的信息,威胁公开窃取的数据。

🛡️HCRG表示已采取紧急遏制措施,并正在与外部取证专家合作调查该事件。公司已通知英国信息专员办公室和其他监管机构有关此次数据泄露事件,并强调其服务仍在继续运营,患者可以继续预约和接受服务。

💰Medusa勒索软件组织要求HCRG支付200万美元的赎金,否则将公开窃取的数据。Medusa以利用远程桌面软件中未修补的漏洞而闻名。

U.K. healthcare giant HCRG Care Group has confirmed it’s investigating a cybersecurity incident after a ransomware gang claimed to have breached the company’s systems to steal troves of sensitive data. 

HCRG Care Group is one of the largest independent providers of community health and care services in the United Kingdom. The organization, previously known as Virgin Care and now owned by Twenty20 Capita, partners with National Health Service trusts and local authorities around the U.K. to deliver healthcare services, including urgent care, sexual health, and adult and child social care services.

HCRG was this week listed on the dark web leak site of the prolific Medusa ransomware group, which claims to have compromised the company to steal more than two terabytes of data. 

Samples of the allegedly stolen data shared by Medusa and seen by TechCrunch appear to include employees’ personal information, sensitive medical records, financial records, and government identification documents, such as passports and birth certificates.

HCRG spokesperson Alison Klabacher told TechCrunch in an emailed statement that the company is “currently investigating an IT security incident” and has “recently identified a post on the dark web by a group claiming responsibility.”

The company declined to say what types of data were accessed but did not dispute Medusa’s claims. HCRG also declined to say how many individuals are affected. According to the company’s website, HCRG has more than 5,000 employees and delivers healthcare services to half a million patients across the United Kingdom.

“Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident, the spokesperson said. 

HCRG said it informed the U.K.’s Information Commissioner’s Office and other regulators about the breach.

“Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so,” the company said.

The Medusa ransomware group is threatening to publish the allegedly stolen data unless HCRG pays the gang a ransom demand of $2 million.

HCRG wouldn’t confirm how it was compromised, but Medusa is known to exploit unpatched vulnerabilities in remote desktop software

Fish AI Reader

Fish AI Reader

AI辅助创作,多种专业模板,深度分析,高质量内容生成。从观点提取到深度思考,FishAI为您提供全方位的创作支持。新版本引入自定义参数,让您的创作更加个性化和精准。

FishAI

FishAI

鱼阅,AI 时代的下一个智能信息助手,助你摆脱信息焦虑

联系邮箱 441953276@qq.com

相关标签

HCRG Care Group Medusa勒索软件 网络安全 数据泄露
相关文章
影响 4900 万客户!戴尔数据遭泄露,涉及姓名、住址等信息
MediExcel 泄露了 50 万份患者文件