The UK healthcare giant HCRG Care Group has confirmed it is investigating a cybersecurity incident after claiming that ransomware gangs violated the company’s systems to steal sensitive data.
HCRG Care Group is one of the largest independent providers of community health and care services in the UK. Formerly known as Virgin Care and now owned by Twenty20 Capita, the organization partners with the UK National Health Services trust and local government to partner with emergency care, sexual health, adult and child social care. We provide medical services, including services.
HCRG was listed this week on the Prolific Medusa Ransomware Group’s Dark Web Leak site.
Samples of stolen data shared by Medusa and allegedly seen by TechCrunch include employee personal information, confidential medical records, financial records, and government identification documents such as passports and birth certificates. Apparently.
HCRG spokesman Alison Klabacher told TechCrunch in an email statement that the company is “currently investigating IT security incidents,” saying, “is on the dark web by a group claiming responsibility recently. “We’ve identified the post.”
The company refused to say what kind of data was accessed, but did not dispute Medusa’s claims. The HCRG also refused to say how many individuals will be affected. According to the company’s website, HCRG has over 5,000 employees and provides healthcare services to 500,000 patients across the UK.
“Our team has not observed any suspicious activity since the implementation of immediate containment measures and is working with external forensic experts to investigate the case.
The HCRG said it has notified the UK Intelligence Commissioner’s office and other regulators of the violation.
“Our services continue to operate and we look at patients safely, and those who have appointments and need access to our services will still need to do so,” the company said. states.
The Medusa ransomware group is threatening to release data that is allegedly stolen unless HCRG pays the gang $2 million in ransom demand.
Although HCRG does not see how it was compromised, Medusa is known to exploit less than vulnerabilities in remote desktop software.
Source link
