Hospitals ask cloud storage company to hand over stolen data hosted on its servers
Two hospitals take legal action over data found on cloud storage servers
Two hospitals that suffered ransomware attacks have discovered their data is being stored by a cloud storage provider.
The hospitals are now asking the courts to force Wasabi Technologies to hand over the stolen information, so that they can look to verify exactly what data was taken.
The cloud storage firm has already provided copies of the data to the FBI to aid the investigation, but the hospitals are now pursuing a court order that will force Wasabi to return the data to its original owners.
Not the first hospitals to be targeted
The two hospitals based in New York operate on a not-for-profit model and founded the North Star Health Alliance which provides healthcare to 220,000 people in the northern New York area.
Carthage Area Hospital and Claxton-Hepburn Medical Center suffered attacks by LockBit, a ransomware gang who have targeted a number of hospitals in the US and Europe over the holiday period, causing chaos, diverting patients and requiring a large amount of care rescheduling.
As part of an investigation into the stolen data, the hospitals discovered information relating to the stolen data stored on the servers of a cloud storage platform run by Wasabi Technologies.
Speaking to 7News, North Star Health Alliance CEO Richard Duvall said, “So the best option explored by our legal team and working with the FBI is actually going after that company to get our secluded data so that we can be sure what information was leaked.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The LockBit gang has been operating a ransomware-as-a-service (RaaS) since as early as 2019 which has been used to target a wide range of victims on an international scale, with estimates suggesting that since 2020, at least $91 million has been stolen from U.S. based organizations.
In a statement to TechRadar Pro, the company said "Wasabi is committed to complying with all relevant regulatory requests. It is our policy not to comment on ongoing legal matters."
Via BleepingComputer
More from TechRadar Pro
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.