U.Ok. healthcare large HCRG Care Group has confirmed it’s investigating a cybersecurity incident after a ransomware gang claimed to have breached the corporate’s methods to steal troves of delicate information.
HCRG Care Group is among the largest unbiased suppliers of group well being and care companies in the UK. The group, beforehand often called Virgin Care and now owned by Twenty20 Capita, companions with Nationwide Well being Service trusts and native authorities across the U.Ok. to ship healthcare companies, together with pressing care, sexual well being, and grownup and little one social care companies.
HCRG was this week listed on the darkish internet leak web site of the prolific Medusa ransomware group, which claims to have compromised the corporate to steal greater than two terabytes of knowledge.
Samples of the allegedly stolen information shared by Medusa and seen by TechCrunch seem to incorporate workers’ private info, delicate medical information, monetary information, and authorities identification paperwork, reminiscent of passports and start certificates.
HCRG spokesperson Alison Klabacher informed TechCrunch in an emailed assertion that the corporate is “presently investigating an IT safety incident” and has “just lately recognized a put up on the darkish internet by a bunch claiming duty.”
The corporate declined to say what kinds of information have been accessed however didn’t dispute Medusa’s claims. HCRG additionally declined to say what number of people are affected. In keeping with the corporate’s web site, HCRG has greater than 5,000 workers and delivers healthcare companies to half one million sufferers throughout the UK.
“Our staff has not noticed any suspicious exercise for the reason that implementation of quick containment measures, and we’re working with exterior forensic specialists to research the incident, the spokesperson stated.
HCRG stated it knowledgeable the U.Ok.’s Data Commissioner’s Workplace and different regulators in regards to the breach.
“Our companies are persevering with to function and safely see sufferers, and people with appointments or who have to entry our companies ought to proceed to take action,” the corporate stated.
The Medusa ransomware group is threatening to publish the allegedly stolen information except HCRG pays the gang a ransom demand of $2 million.
HCRG wouldn’t verify the way it was compromised, however Medusa is thought to use unpatched vulnerabilities in remote desktop software.
Trending Merchandise
![Rustic Grey Mason Jar Sconces for Home Decor, Decorative Chic Hanging Wall Decor Mason Jars with LED Strip Lights, 6-Hour Timer, Silk Hydrangea, & Iron Hooks for Home & Kitchen Decorations [Set of 2]](https://m.media-amazon.com/images/I/41DPf4UgGOL._SS300_.jpg)
