Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
The Ragnar Locker ransomware gang claims responsibility for the cyberattack on Mayanei Hayeshua hospital from Israel.
The incident occurred in August 2023, and cybercriminals allegedly managed to steal 1TB of data. Now, the criminal gang threatens to leak all that exfiltrated information.
The Ragnar Locker Data Leak Site
The Ragnar Locker ransomware group created a new page on their data leak site dedicated to the hospital, according to MalwareHunterTeam.
So, if there was a negotiation, it was not successful, as the Ragnar Locker gang just started leaking files from the medical center.
😫
“According to our rules we are publishing the data which were compromised during security research of the MYMC network.”
Security research?
😂 pic.twitter.com/JKO9SHtVU6— MalwareHunterTeam (@malwrhunterteam) September 6, 2023
Threat actors mentioned that although they did not encrypt devices because the victim was a hospital, they did steal data from the company.
First of all, we want to emphasize that since this is a medical institution – we didn’t run any encryption to avoid equipment malfunctions, or necessary instruments.
However, serious vulnerabilities allow us to download a lot of data and someone else in our place could use such vulnerability in any other way.
Ragnar Locker message (Source)
Threat actors leaked 420 GB of purportedly Mayanei Hayeshua stolen data so far. Furthermore, they threatened to disclose more over the following week.
Details about the Mayanei Hayeshua Attack
In the August 2023 cyberattack on Mayanei Hayeshua, the hospital’s computer systems for record-keeping were crippled, but the functionality of vital medical equipment remained unaffected.
As a result, the hospital was unable to admit new patients to its outpatient clinics and imaging centers. Individuals in need of emergency care needed to seek treatment at nearby medical facilities.
During the attack, Ragnar Locker alleges to have acquired sensitive data, encompassing medical records, procedural details, and medication prescriptions.
In a ransom note sent to Mayanei Hayeshua, the perpetrators assert that they have extracted 1 TB of information. This data includes a SQL database and email correspondence.
Why Threat Actors Target Hospitals?
Hospitals are lucrative targets for hackers because of the exceptionally sensitive patient information they store. This data can be exploited to demand substantial ransoms.
In recent months, there has been a surge in ransomware and extortion groups focusing on healthcare institutions, exemplified by Rhysida’s attacks on both Prospect Medical Holdings in the USA and Madeira Health Service (Sesaram).
If you want to keep up to date with everything we post, don’t forget to follow us on LinkedIn, Twitter, Facebook, and YouTube for more cybersecurity news and topics.
