INC RANSOM claims ransomware attack on NHS Scotland | #ransomware | #cybercrime

INC RANSOM claims ransomware attack on NHS Scotland

Ransomware gang threatens to publish three terabytes of data, including confidential patient records.

The INC RANSOM ransomware gang has posted details of a recent attack on NHS Scotland, and threatened to publish three terabytes of stolen data “soon”.

The gang also posted several letters and other medical reports by way of proof of the attack.

Included in the “proof pack” are biochemistry reports, letters between doctors regarding patient treatments, genetics reports, and patient psychological reports. The documents include names and addresses, and very personal medical details.

INC RANSOM’s post was made on March 26, and no hard deadline has been given, nor a ransom demand.

While the ransomware gang claims the victim of the hack is NHS Scotland, NHS Dumfries and Galloway – one of fourteen regions administered by NHS Scotland – reported a cyber incident on March 15, warning that “there is a risk that hackers have been able to acquire a significant quantity of data”. Many of the documents in INC RANSOM’s proof pack appear to be from that region.

On March 19, NHS Dumfries and Galloway Chief Executive Jeff Ace released a further statement.

“As you would expect, this has been viewed as an extremely serious matter demanding a major response,” Ace said.

“Over recent days we’ve been very busy working with partner agencies to ensure the security of our systems, to adapt to the associated disruption, and to assess the potential risk posed by the hackers’ ability to access data.

“It must be noted that this is a live criminal investigation, and we are very limited in what we can say. In addition, a great deal of work is required in order to say with assurance what data may have been obtained, and we are not yet in that position.

“However, as it has been noted, there is reason to believe that those responsible may have acquired patient and staff-specific data.

“The NHS Board views patient and staff confidentiality as a key priority, along with ensuring welfare and wellbeing. As such, very great effort is being made to address this situation, and to try to prevent it from being repeated.

“We will look to update as and when we can, but in the meantime would again caution staff and patients to be on their guard for anyone accessing their systems, or anyone making contact with them claiming to be in possession of any information.”

It is unknown for certain if the two incidents are related, but the patient data leaked by INC RANSOM would appear to suggest a clear link.

NHS Dumfries and Galloway covers eleven hospitals, employs more than 3,800 people, and supports a region the south of Scotland with a population of 148,500.

Cyber Daily has reached out to NHS Dumfries and Galloway for further information.

Source link


National Cyber Security