BlackCat Ransomware Says It Snatched Millions of Medical Records

The BlackCat ransomware group, also known as ‘ALPHV,’ has claimed responsibility for the cyberattack that caused problems earlier in the month to Norton Healthcare, a healthcare provider that operates over 40 clinics and hospitals in the U.S. state of Kentucky.

The hackers claim to hold millions of medical records stolen from the healthcare system’s network, including SSNs (social security numbers), clinical images, test results, and more. Apart from patients, they claim to have information on 25,000 employees of Norton Healthcare.

The threat delivered by BlackCat is that the entire package of 4.7 terabytes they exfiltrated will be published, irreversibly exposing a large number of patients who received care in one of the organization’s medical centers.

Should Norton Healthcare choose to meet the threat actors’ demands by paying the ransom within a week (until June 1, 2023), the hackers have committed to deleting all stolen data. Moreover, they have pledged to supply video evidence of this action, although a video is far from a guarantee and cannot be deemed credible proof of deletion.

BlackCat’s message to Norton Healthcare CEO and execs

Unfortunately, medical data are precious to threat actors, as they are rich in information and incredibly exposing for affected individuals, opening many possibilities for phishing, scams, and even social engineering. Hence, they are almost always resold to other cybercriminals for a significant profit.

Norton Healthcare Facing Problems

Visitors of the Norton Healthcare website will see a warning about a cyberattack that took place on May 9, 2023. The notice

Read more

Explore the site

More from the blog

Latest News