The RansomHub extortion group has leaked data from the Florida Health Department after threatening to publish 100 GB of stolen data if a ransom was not paid. The cybercriminals demanded an unspecified amount of ransom, but the state did not comply with their demands.
A representative from the Department confirmed the cyber attacks on July 3. Despite being given a deadline until July 5 to pay the ransom by RansomHub, the Florida government has chosen to adhere to a policy of non-payment of ransom.
The attack targeted the Vital Statistics system used for issuing birth and death certificates, affecting at least 2 out of the 67 district offices. However, efforts are underway to resume the processing of birth and death certificates in those offices.
The Health Department stores highly sensitive state data, including Covid-19 vaccination records, medication information, and patient data related to medical cannabis.
While experts could not confirm the ownership of 100 GB of files by RansomHub, the group’s website does contain a significant amount of internal department data, much of which consists of personal or confidential medical information.
An analysis of the stolen files revealed various types of information, including test results, passport scans, prescriptions, personal correspondence, and employee compensation records containing personal and demographic data.
The Department is coordinating with law enforcement agencies and other stakeholders to address the situation. Once a comprehensive assessment is completed, all affected parties will be notified accordingly.