Hospital hackers publish private patient info
Hospital hackers publish private patient info
The group of hackers behind last month's attack that shut down the computer systems at Mayanei Hayeshua Medical Center in Bnei Brak released a huge data file that includes patient IDs and phone numbers along with sensitive medical information. A gag order was issued on the details of the investigation
The group of hackers that shut down Mayanei Hayeshua Medical Center's computer systems last month uploaded a 402GB file to the dark web that contains personal details of patients stolen from the hospital. According to them, they plan to publish more data in the coming days. "The hospital staff does not care about the privacy of their patients," they wrote in the message they published. The matter is under investigation by the police, and a restraining order was issued on the details of the investigation and the information that was revealed.
On August 8th, Mayanei Hayeshua hospital's computer systems were shut down following a cyber attack. A few hours later, the hospital announced that the attack had been contained, however later it was announced in a joint statement with the National Cyber Directorate that there was a fear of information leakage as a result of the attack.
Last night, the group of hackers behind the attack, Ragnar Locker, published a huge data file, 402 GB in size, which according to reports includes personal details of patients such as photo IDs and phone numbers alongside sensitive medical information such as disease details, test results, accident forms and treatment referral letters.
In the message they published, the hackers try to portray themselves as information security knights and claim that they had no choice but to publish the information. "We tried to draw their attention to the network problems and invited them to a discussion," they wrote. "Instead of a dialogue, they started playing tricks on us, they even tried to catch us with phishing. Really guys, seriously? So after multiple attempts to contact the management of Mayanei Hayeshua, it became clear to us that the management does not care about the privacy of their patients."
The "dialogue" the hackers are referring to was, apparently, demands to pay a ransom for the non-publication of the information, and in this context the hospital's decision to not enter into negotiations with the attackers and instead try to reveal their identity can be considered brave.
The attackers also claimed that since it was a hospital, they did not flood the information systems in order to avoid disrupting the operation of medical equipment. In addition, they clarify that they intend to publish more information: "Today we are publishing the first set of internal files, including personal information, internal emails, financial information, medical files and other very sensitive information. But that's not all. In the next 3-4 days we will reveal the complete database and a huge collection of internal correspondence."
Mayanei Hayeshua stated in response: "The hospital, in cooperation with the Ministry of Health, the National Cyber Directorate and the enforcement agencies, are continuing the investigation of the attack. The hospital has returned to full operation while strengthening the computer systems. In light of the blanket ban on publication of any related information, it is not possible at this stage to comment on the details of the investigation or the issue of the information that was published. We trust the relevant authorities and enforcement agencies to do their job faithfully. In accordance with the developments of the investigation and subject to the provisions of the court order, the hospital will operate a dedicated call center for the benefit of the patients."
The Cyber Directorate said in response: "The Ministry of Health and the National Cyber Directorate are examining the extent and nature of the leak and are guiding the hospital regarding the necessary steps it should be taking."