According to a report by The San Diego Union-Tribune, the Tri-City Medical Center, which recently recovered from a ransomware attack, is now facing ongoing extortion efforts by the notorious cybercriminal group, “INC RANSOM.” The group claims to possess stolen records from the healthcare provider, including sensitive patient information, which they have posted on the dark web as “proof.”
Despite the hospital resuming operations, the cyber threat persists, as evidenced by the latest revelation on the dark web. The posted documents, allegedly taken during the digital attack on November 9, include patient names, phone numbers, and financial records. While the exact number of compromised records remains undisclosed, the cyber attackers are leveraging this information for their extortion efforts.
Jake Milstein, a cybersecurity advisor at Critical Insight, explains that such public disclosures are tactics to pressure organizations into paying ransoms. Notably, these groups now go beyond threatening to release documents; they exploit the information within, making specific demands, even contacting patients directly. Milstein warns that engaging with these threat actors is futile and emphasizes reporting such incidents to the appropriate authorities.
In a concerning development, cybercriminals are increasingly using stolen personal data for health care billing fraud. Patients are urged to monitor their financial accounts, medical records, and consider freezing their credit to mitigate potential long-term risks, especially for minors.
The San Diego Cyber Center of Excellence stresses the importance of digital hygiene to reduce vulnerability to cyber attacks. Key practices include enabling multifactor authentication, keeping software updated, exercising caution with online interactions, and employing strong, unique passwords managed by a password manager.
+ There are no comments
Add yours