Italy, hacker attack on the Azienda Ospedaliera di Alessandria: unpublished details on the case

Marco A. De Felice aka amvinfe, 12/29/2022
Tags: AOAL, Azienda Ospedaliera di Alessandria, Data Breach, Ragnar_Locker, Ransomware

For ethical reasons we did not want to spread the news of the attack on the hospital's IT infrastructure before the news became public knowledge. Indeed, on December 20, SuspectFile had already become aware of the ransom note written by the Ragnar_Locker group.

Ransomware attacks against hospitals around the world continue; this time an Italian hospital, the “Azienda Ospedaliera di Alessandria” (AOAL), has suffered a loss of data.

The Ragnar_Locker ransomware group, after entering the hospital’s computer systems, exfiltrated administrative documents and medical records of hospitalized patients.

In the ransom note, the cybercriminals write:

HELLO Hospital!

If you reading this message, it means your network was PENETRATED and your most sensitive files were COMPROMISED

Ragnar_Locker warns that the exfiltrated data will be made public if a deal is not opened, or if the hospital decides to contact third-party negotiators such as the FBI, Police or data recovery companies.

The note contains two disturbing passages: the first concerns the theft of about 1TB of sensitive data and the second, above all, Ragnar_Locker's ability to block all the AOAL facilities by making the data on the servers unusable. This is an option, the note says, that they did not want to consider precisely so as not to endanger the health of patients.

[ YOU HAVE TO CONTACT US via LIVE CHAT IMMEDIATELY TO RESOLVE THIS CASE AND MAKE A DEAL ]



**** WARNING ****

DO NOT Hire any third-party negotiators (recovery/FBI/police and etc), otherwise we will close chat immediately and Publish your Data.

With this message we want to let you know that we have obtained access everywhere in your network



However, we didn’t do that only because of willing to avoid interruption in hospitals normal business processes and don’t put health of the patients under risk.
But unfortunately, you have allowed data leak, about 1TB of personal data was compromised. So, your clients didn’t get the required protection.

On November 29, a press release was published on the hospital website stating that, due to (translated into English):

“… some disruptions in the IT infrastructure, admissions for laboratory analysis tests throughout the province are temporarily suspended. The Hospital is working to fix the problem. It should be noted that emergencies and laboratory tests are guaranteed for the wards”.