Hospitals ask cloud storage company to hand over stolen data hosted on its servers

Hospital
(Image credit: Shutterstock.com/sfam_photo)

Two hospitals that suffered ransomware attacks have discovered their data is being stored by a cloud storage provider.

The hospitals are now asking the courts to force Wasabi Technologies to hand over the stolen information, so that they can look to verify exactly what data was taken.

The cloud storage firm has already provided copies of the data to the FBI to aid the investigation, but the hospitals are now pursuing a court order that will force Wasabi to return the data to its original owners.

Not the first hospitals to be targeted

The two hospitals based in New York operate on a not-for-profit model and founded the North Star Health Alliance which provides healthcare to 220,000 people in the northern New York area.

Carthage Area Hospital and Claxton-Hepburn Medical Center suffered attacks by LockBit, a ransomware gang who have targeted a number of hospitals in the US and Europe over the holiday period, causing chaos, diverting patients and requiring a large amount of care rescheduling.

As part of an investigation into the stolen data, the hospitals discovered information relating to the stolen data stored on the servers of a cloud storage platform run by Wasabi Technologies.

Speaking to 7News, North Star Health Alliance CEO Richard Duvall said, “So the best option explored by our legal team and working with the FBI is actually going after that company to get our secluded data so that we can be sure what information was leaked.”

The LockBit gang has been operating a ransomware-as-a-service (RaaS) since as early as 2019 which has been used to target a wide range of victims on an international scale, with estimates suggesting that since 2020, at least $91 million has been stolen from U.S. based organizations.

In a statement to TechRadar Pro, the company said "Wasabi is committed to complying with all relevant regulatory requests. It is our policy not to comment on ongoing legal matters."

Via BleepingComputer

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.


He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.


Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.