UK healthcare big HCRG confirms hack after ransomware gang claims theft of delicate knowledge

U.Ok. healthcare big HCRG Care Group has confirmed it’s investigating a cybersecurity incident after a ransomware gang claimed to have breached the corporate’s programs to steal troves of delicate knowledge. 

HCRG Care Group is likely one of the largest unbiased suppliers of group well being and care providers within the United Kingdom. The group, beforehand often known as Virgin Care and now owned by Twenty20 Capita, companions with National Health Service trusts and native authorities across the U.Ok. to ship healthcare providers, together with pressing care, sexual well being, and grownup and baby social care providers.

HCRG was this week listed on the darkish internet leak website of the prolific Medusa ransomware group, which claims to have compromised the corporate to steal greater than two terabytes of information. 

Samples of the allegedly stolen knowledge shared by Medusa and seen by TechCrunch seem to incorporate staff’ private info, delicate medical data, monetary data, and authorities identification paperwork, comparable to passports and beginning certificates.

HCRG spokesperson Alison Klabacher instructed TechCrunch in an emailed assertion that the corporate is “presently investigating an IT safety incident” and has “lately recognized a submit on the darkish internet by a gaggle claiming duty.”

The firm declined to say what sorts of knowledge have been accessed however didn’t dispute Medusa’s claims. HCRG additionally declined to say what number of people are affected. According to the corporate’s web site, HCRG has greater than 5,000 staff and delivers healthcare providers to half 1,000,000 sufferers throughout the United Kingdom.

“Our workforce has not noticed any suspicious exercise for the reason that implementation of fast containment measures, and we’re working with exterior forensic specialists to research the incident, the spokesperson stated. 

HCRG stated it knowledgeable the U.Ok.’s Information Commissioner’s Office and different regulators concerning the breach.

“Our providers are persevering with to function and safely see sufferers, and people with appointments or who have to entry our providers ought to proceed to take action,” the corporate stated.

The Medusa ransomware group is threatening to publish the allegedly stolen knowledge until HCRG pays the gang a ransom demand of $2 million.

HCRG wouldn’t verify the way it was compromised, however Medusa is understood to use unpatched vulnerabilities in distant desktop software program.