Highlands Oncology Group notified authorities about a ransomware attack discovered on June 2, affecting access to files since January 21. The Medusa gang demanded $700,000 to delete the data, impacting 113,575 people, and created a countdown until July 21. Although the current status on Medusa’s leak site remains unclear, Highlands has posted a notice on its website admitting to the ransomware attack while neither confirming nor denying any extortion payment. Previous incidents include a December 2023 attack affecting 55,297 patients with compromised personal health information.
On June 19, the Medusa gang had added Highlands to its leak site with a price tag of $700,000.00 to delete the data or download it.
A total of 113,575 people were affected by this attack. The incident has not yet shown up on HHS's public breach tool.
Highlands Oncology Group experienced a ransomware incident that affected the protected health information (PHI) of 55,297 individuals, including names and Social Security numbers.
The notice discloses that it was a ransomware attack, but makes no mention of any extortion demand and whether any data showed up on the internet.
Collection
[
|
...
]