A company in Oregon in the US has reported a ransomware attack that led to the loss of sensitive employee and patient data of over 750,000 individuals.
The data breach potentially impacted about 750,000 patients and 522 current and former employees.
The criminal group identified by the FBI as responsible for the incident are known for conducting aggressive “double extortion” ransomware attacks once they have gained access to a network.
In double extortion attacks not only is the victim organisation’s data rendered inaccessible until a ransom is paid, but the criminal group may steal as well as encrypt the victim’s data. A threat to publish the stolen data is then made to extort additional payment. The criminals may further monetise the ransomware attack by coupling it with a Distributed Denial of Service (DDoS) attack or selling the stolen data onto other criminal groups.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.