UK healthcare giant HCRG confirms hack after ransomware gang claims theft of sensitive data

The U.K. healthcare giant HCRG Care Group is currently investigating a cybersecurity incident following claims by a ransomware gang that they have breached the company’s systems and stolen sensitive data.

HCRG Care Group, previously known as Virgin Care and now owned by Twenty20 Capita, is a major independent provider of community health and care services in the United Kingdom. The organization partners with National Health Service trusts and local authorities to deliver various healthcare services.

Recently, HCRG was listed on the dark web leak site of the Medusa ransomware group, who allege to have stolen over two terabytes of data from the company. The stolen data includes personal information of employees, medical records, financial records, and government identification documents.

In response to the incident, HCRG spokesperson Alison Klabacher stated that the company is investigating the security breach and is working with external forensic specialists. The company has notified the Information Commissioner’s Office and other regulators about the breach.

Despite the security incident, HCRG reassures that its services are operating as usual and patients should continue to access their healthcare services. The Medusa ransomware group is demanding a ransom of $2 million in exchange for not publishing the stolen data.

While HCRG has not disclosed how the compromise occurred, it is known that Medusa ransomware typically exploits vulnerabilities in remote desktop software.