The Ragnar Locker hacking group has claimed responsibility for the cyber attack on Mayanei Hayeshua, an Israeli hospital, that occurred last month. The group has stated that they stole 1TB of data from the hospital and has threatened to release the information if a ransom is not paid.
In a message published on their own leak website, the hackers explained that they purposely did not encrypt the hospital’s computers in order to avoid interfering with the operation of medical equipment. However, they discovered significant vulnerabilities in the institution’s network, which allowed them to download hundreds of gigabytes of information.
The stolen data includes personal patient information, financial records, medical cards, and other sensitive data. The hackers announced that they have already released the first batch of internal files, containing personal and financial information, and plan to publish the entire SQL database and a large number of PST files containing internal correspondence in the coming days.
The hospital’s network was hacked in early August, resulting in the disabling of administrative computer systems. Fortunately, the attack did not have any impact on the functionality of medical equipment.
The hackers claim that they attempted to communicate with the hospital’s administration, but were met with disrespect and phishing attempts. As a result, they concluded that the hospital’s leadership does not prioritize patient confidentiality, leading them to release the stolen data.
Back in March 2022, the FBI and CISA issued a warning about the activities of the Ragnar Locker group. The warning stated that the hackers had infiltrated the networks of 52 organizations across 10 critical infrastructure sectors, stealing confidential information and encrypting data. The FBI notification also provided details about the group’s attack methods, bitcoin addresses for ransom payments, and email addresses of the group’s operators.
This incident serves as a stark reminder of the importance of increasing cybersecurity measures in medical institutions, as well as the serious consequences of underestimating the threat posed by hackers.