The U.K.-based healthcare provider HCRG Care Group has announced that it is probing a cybersecurity breach following claims from a ransomware collective that it has infiltrated the company’s systems and exfiltrated a significant amount of sensitive information.
HCRG Care Group stands as one of the premier independent providers of community health and care services across the United Kingdom. Previously known as Virgin Care and currently managed by Twenty20 Capital, the organization collaborates with NHS trusts and local government entities throughout the U.K. to offer a diverse range of healthcare services, which encompass urgent care, sexual health, as well as adult and child social care.
This week, HCRG appeared on the dark web leak site operated by the infamous Medusa ransomware group, which asserts that it has breached the organization and stolen over two terabytes of data.
Evidence of the purportedly stolen data shared by Medusa, and reviewed by TechCrunch, seems to include personal details of employees, sensitive medical records, financial information, and government identification documents like passports and birth certificates.
Alison Klabacher, a spokesperson for HCRG, communicated in an email to TechCrunch that the organization is “currently investigating an IT security incident” and has “recently noted a post on the dark web from a group claiming responsibility.”
While the company refrained from disclosing specific data types that might have been compromised, it did not refute Medusa’s assertions. HCRG also withheld information on the number of individuals potentially affected. According to the organization’s website, it employs over 5,000 individuals and serves around half a million patients in the U.K.
“Our team has not detected any unusual activity since implementing immediate containment measures, and we are collaborating with external forensic experts to thoroughly investigate the incident,” the spokesperson remarked.
HCRG has notified the U.K.’s Information Commissioner’s Office alongside other regulatory bodies regarding the breach.
“Our services are operating as usual and are safely attending to patients, and those with appointments or needing our services should proceed as planned,” the organization stated.
The Medusa ransomware group is threatening to release the allegedly stolen information unless HCRG pays the gang’s ransom demand of $2 million.
Though HCRG did not confirm the specific method of the breach, it is known that Medusa often capitalizes on unpatched vulnerabilities in remote desktop applications.
Compiled by Techarena.au.


