Britsh Healthcare Provider Investigating Ransom Claims

Uploaded on 2025-03-03 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The British National Health Service (NHS) private service provider, the HCRG Care Group, has confirmed that it is investigating a suspected ransomware attack. 

HCRG Care Group, formerly Virgin Care, runs child and family health and social services for the NHS, delivering a wide range of community services, while employing more than 1,300 NHS staff.

Now, HCRG has said it is investigating claims by the  Medusa a ransomware group, which has claimed that it has stolen  more than two terabytes of sensitive information and is threatening to leak confidential internal records, unless a substantial ransom is paid.

The Medusa gang’s Dark Web site claims the group has stolen 2.275TB of data, and the information is for sale for £1.6 million ($2 million), or offering to delete data for the same amount. They then threatened to leak the information online if the ransom isn’t paid by February 27.

Samples of the stolen data have been leaked, and of the 35 pages posted, the information seems to be passport and driving license scans, birth certificates, background checks, and staff rotas. These could put those affected at risk of identity theft, fraud, or social engineering scams.

HCRG has said in a statement that it is looking into these claims made by Medusa that it has breached and stolen sensitive information. A spokesperson for HCRG group said: “We can confirm that we are currently investigating an IT security incident and have recently identified a post on the Dark Web by a group claiming responsibility... Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident...

.. Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so.”

In compliance with UK rules, HCRG has informed the Information Commissioner's Office and relevant law enforcement agencies of the breach.

Digital Health     |     BBC     |     The Register     |     Tech Radar  |    Computing     |     MSN

Image: @HCRGCareGroup

You Might Also Read: 

EU To Strengthen Cyber Defence In Healthcare:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Salt Typhoon Exploited Cisco Vulnerabilities
Alibaba Intends To Spend $53bn On Developing AI »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

QinetiQ

QinetiQ

QinetiQ is one of the world's leading defence technology and security companies. Areas of activity include air, land, sea and space systems, weapons, robotics, C4ISR and cyber security.

Redbud

Redbud

Redbud is a specialist search and recruitment firm for Information Security professionals.

Clusit

Clusit

Clusit is the Italian Association for Information Security, a nonprofit organization devoted to promoting every aspect of information security.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

Cybellum

Cybellum

Cybellum brings the entire product security workflow into one dedicated platform, allowing device manufacturers to keep the connected products they build cyber-secure and cyber-compliant.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

Capy

Capy

Capy's SaaS-based security solutions will protect your website from bots, spam, humans and more.

SHIELD

SHIELD

SHIELD is an established end-to-end fraud management solution that blocks fraudulent activities such as account takeovers, fake accounts creation, fraudulent payments, loyalty fraud and more.

Monster Jobs

Monster Jobs

Monster is a global leader in connecting people to jobs, wherever they are. Monster covers all job sectors including cybersecurity in locations around the world.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

Squad

Squad

Squad provides leading expertise to ensure protection against the most complex cyber threats. Combining the best practices of DevOps and Cybersecurity, we are committed to create a secured cyber space

CACI International

CACI International

CACI is at the forefront of developing and delivering technological breakthroughs that transform and optimize government operations.

The PenTesting Company

The PenTesting Company

The PenTesting Company is owned and operated by offensive security professionals. Penetration Testing is essentially all we do.

Xcelerate Solutions

Xcelerate Solutions

Xcelerate Solutions is a leading defense and national security company, providing integrated solutions in three service areas – Enterprise Security, Digital Transformation, and Strategic Consulting.