Ransomware gang threatens to expose one million sensitive medical records online

(Image credit: Pixabay)

Ransomware operators Daixin Team are claiming to have stolen “more than a million records” from a U.S. healthcare organization, and are threatening to leak it all to the public. 

It's unclear whether this means a million affected patients, or a million pieces of sensitive information belonging to fewer patients, but whatever the case, the threat actors stole sensitive data from OakBend Medical Center, which operates three hospitals in the state of Texas, and shut down its communications and IT systems in the process. 

The stolen data allegedly includes employee and customer names, dates of birth, Social Security numbers, as well as data regarding patient treatments. More than enough to be used in identity theft, extortion, stage-two data breaches, and more. 

Full leak

But that will only happen if the group decides to go for the “full leak”, which suggests they might be negotiating with the healthcare provider over a potential ransom payment. 

OakBend did not say if it plans on paying or not, but it did say it pulled compromised endpoints offline and notified law enforcement and government agencies, including the FBI. Microsoft, Dell, and Malware Protects, have also been called in to assist. "At no time was patient safety ever in jeopardy," the company said in a press release following the incident. 

Even though some ransomware operators publicly promised not to go after healthcare organizations, non-profits, and similar institutions, some pay no regard to the fact that these attacks might put actual human lives in jeopardy. A similar attack happened in Pennsylvania recently as well, when Medical Associates of the Lehigh Valley had its systems breached, and 75,628 individuals' names, addresses, Social Security numbers, as well as medical records, compromised. 

Hospitals and other healthcare institutions were a major target during the Covid-19 pandemic, as well.

Via: The Register

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.