The Everest ransomware gang has posted over 120 GB of medical data on two file hosting platforms for anyone to download for free.
The leaked files were allegedly stolen during a ransomware attack against a third-party doing business with MultiCare Health System, a Washington-based not-for-profit healthcare organization that operates eight hospitals and medical centers in the U.S.
Last week, the organization announced that one of its third-party service providers, Kaye-Smith, who prints forms for MultiCare, has suffered a ransomware attack that impacted current and former employees of the organization.
Everest claims the leaked data set includes 37,000 distinct medical documents, with 23,195 of them being detailed medical records. Also, 4,437 documents are medical records of clients of DeVero, a medical services management suite used in hospitals.
Other files in the leaked set include internal financial documents, certificates, contracts with institutions, contracts with service providers, etc.
RestorePrivacy has confirmed the download links are up, so the dataset is available to anyone with the URLs at the time of writing.
MultiCare has not confirmed the authenticity of the data yet, but we have contacted the organization to clarify that point and still waiting for their response.
Everest’s claims about holding data of MultiCare customers don’t match the recently disclosed security incident that, according to the organization, impacted only employees.
However, it matches a previous security incident that concerns a different third-party that was breached at the beginning of the year.
On August 10, 2022, and after the