A ransomware gang claimed duty for the hack on Kettering Well being, a community of hospitals, clinics, and medical facilities in Ohio. The healthcare system is still recovering two weeks after the ransomware assault pressured it to close down all its pc techniques.
Interlock, a comparatively new ransomware group that has targeted healthcare organizations in the U.S. since September 2024, printed a submit on its official darkish website online, claiming to have stolen greater than 940 gigabytes of knowledge from Kettering Well being.
CNN first reported on Could 20 that Interlock was behind the breach on Kettering Well being. On the time, nonetheless, Interlock had not publicly taken credit score. Often, that may imply the cybercriminals are trying to extort a ransom from their victims, threatening to launch stolen knowledge. The truth that Interlock has now come ahead may point out that the negotiations have gone nowhere.
Contact Us
Do you will have extra details about Kettering Well being’s ransomware incident? Or different ransomware assaults? From a non-work gadget and community, you may contact Lorenzo Franceschi-Bicchierai securely on Sign at +1 917 257 1382, or by way of Telegram and Keybase @lorenzofb, or email.
Kettering Well being’s senior vice chairman of emergency operations, John Weimer, beforehand informed native media that the healthcare firm had not paid the hackers a ransom.
TK, a spokesperson for Kettering Well being, didn’t present remark when reached by TechCrunch on Wednesday.
Interlock didn’t reply to a request for remark despatched to an e mail handle listed on its darkish website online.
A short evaluation of a number of the recordsdata Interlock printed on its darkish website online seems to indicate the hackers have been capable of steal an array of knowledge from Kettering Well being’s inner community, together with non-public well being info, comparable to affected person names, affected person numbers, and medical summaries written by docs, which embody classes comparable to psychological standing, drugs, well being issues, and different classes of affected person knowledge. Different stolen knowledge consists of worker knowledge and the contents of shared drives.
One of many folders accommodates paperwork, comparable to background recordsdata, polygraphs, and different non-public figuring out info of law enforcement officials with Kettering Well being Police Division.
On Monday, Kettering Well being published an update on the cyberattack, saying the corporate was capable of restore “core elements” of its digital well being document system, which is offered by Epic, a healthcare software program firm. The corporate mentioned this was “a serious milestone in our broader restoration efforts and a significant step towards returning to regular operations” that enables it to “to replace and entry digital well being data, facilitate communication throughout care groups, and coordinate affected person care with better pace and readability.”