British Healthcare Provider Investigating Ransom Claims

Uploaded on 2025-03-03 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The British National Health Service (NHS) private service provider, the HCRG Care Group, has confirmed that it is investigating a suspected ransomware attack. 

HCRG Care Group, formerly Virgin Care, runs child and family health and social services for the NHS, delivering a wide range of community services, while employing more than 1,300 NHS staff.

Now, HCRG has said it is investigating claims by the  Medusa a ransomware group, which has claimed that it has stolen  more than two terabytes of sensitive information and is threatening to leak confidential internal records, unless a substantial ransom is paid.

The Medusa gang’s Dark Web site claims the group has stolen 2.275TB of data, and the information is for sale for £1.6 million ($2 million), or offering to delete data for the same amount. They then threatened to leak the information online if the ransom isn’t paid by February 27.

Samples of the stolen data have been leaked, and of the 35 pages posted, the information seems to be passport and driving license scans, birth certificates, background checks, and staff rotas. These could put those affected at risk of identity theft, fraud, or social engineering scams.

HCRG has said in a statement that it is looking into these claims made by Medusa that it has breached and stolen sensitive information. A spokesperson for HCRG group said: “We can confirm that we are currently investigating an IT security incident and have recently identified a post on the Dark Web by a group claiming responsibility... Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident...

.. Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so.”

In compliance with UK rules, HCRG has informed the Information Commissioner's Office and relevant law enforcement agencies of the breach.

Digital Health     |     BBC     |     The Register     |     Tech Radar  |    Computing     |     MSN

Image: @HCRGCareGroup

You Might Also Read: 

EU To Strengthen Cyber Defence In Healthcare:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI Could Help Prepare For The Next Pandemic
Alibaba Intends To Spend $53bn On Developing AI »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

Cyber Security Recruiters

Cyber Security Recruiters

Cyber Security Recruiters is a niche recruiting firm who finds impact players for our clients in the Information Security Space.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

NopSec

NopSec

NopSec provides automated IT security control measurement and risk remediation solutions to help businesses protect their IT environments from security breaches.

Armorblox

Armorblox

Armorblox stops targeted email attacks such as 0-day credential phishing, payroll fraud, vendor fraud, and other threats that get past legacy security controls.

WiJungle

WiJungle

WiJungle is an Indian Cyber Security Company that develops and markets a unified network security gateway solution.

Basque Digital Innovation Hub (BDIH)

Basque Digital Innovation Hub (BDIH)

The aim of the BDIH initiative is to provide industrial enterprises, especially SMEs, with the technological capabilities needed to meet the challenges of industry 4.0.

Zokyo

Zokyo

Zokyo is a venture studio that builds, secures, and funds legendary web3/crypto businesses.

Data Pie Cybersecurity

Data Pie Cybersecurity

The Data Pie Cybersecurity Consulting offers a 360° around protection for your IT security. Security awareness solutions and consulting.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Cycurion

Cycurion

Cycurion is a global leading provider of Network Communications and Information Technology Security Solutions.

CYTUR

CYTUR

CYTUR provide trusted and secured maritime cybersecurity solutions to keep ships safe, protecting them, their crews, cargo and all stakeholders from maritime cyber threats.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

AVIANET

AVIANET

AVIANET's goal is to empower enterprises and corporations worldwide and manage their digital transformation journey with confidence.

TrnDigital

TrnDigital

Protect your business with Microsoft security as a service. TRN Digital is a trusted Microsoft managed security service provider in the USA.