The latest victim of REvil hackers (aka Sodinokibi group) is The Hospital Group based in Manchester, England.
A Manchester, England-based prominent cosmetic and weight loss specialist The Hospital Group has suffered a ransomware attack carried out by REvil hackers. As a result, hackers have stolen 600 GB worth of personal, sensitive, and financial data belonging to its customers.
REvil hackers are now threatening to leak the data in different phases starting from plastic surgery-related photos of patients. The group also plans to leak financial documents displaying contact and personal details of patients.
It is worth noting that REvil hackers (aka Sodinokibi group) are known for breaching the cyberinfrastructure of businesses, stealing their data, and demand ransom. In case the victim decides not to pay the ransom the group starts leaking the stolen data.
In The Hospital Group’s case; the cosmetic surgery giant owned by Transform Hospital Group is comprised of 11 clinics endorsed by several top-notch celebrities. However, according to the dark web site operated by REvil, the clinic decided not to pay ransom after which the group announced plans to leak the data online.
In a statement seen by Hackread.com, REvil group said that:
We have not seen any positive reaction from our friends from The Hospital Group, Center for Plastic Surgery in the UK. It’s time to introduce you to them too. We pumped out about 600 GB of the most important documents, personal data of customers, as well as intimate photos of these customers (this is not a completely pleasant sight.)
On the other hand, The Hospital Group has acknowledged the breach but maintained that the stolen data does not include customers’ card details.
In a statement, the company said that “We can confirm that our IT systems have been subject to a data security breach. None of our patients’ payment card details have been compromised but at this stage, we understand that some of our patients’ personal data may have been accessed.”
An important update. pic.twitter.com/HLthqupwn1
— Transform (@WeAreTransform_) December 22, 2020
This story is developing. Hackread.com is keeping an eye on the website operated by the REvil ransomware group and in case the data goes public this article will be updated accordingly.
We will publish the rest of the documents later, they need to be reviewed. We didn’t offer that much to you TheHospital Group! Believe me, customers, who file lawsuits against you, about privacy policies, can sue you a lot more than we do. I think counting with us will be less risky for you, REvil hackers warned.
For now, the damage has been done and its victims are unsuspected customers. Nevertheless, the company will now have to fight lawsuits and face hefty GDPR fines.