British Healthcare Provider Investigating Ransom Claims

Uploaded on 2025-03-03 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

The British National Health Service (NHS) private service provider, the HCRG Care Group, has confirmed that it is investigating a suspected ransomware attack. 

HCRG Care Group, formerly Virgin Care, runs child and family health and social services for the NHS, delivering a wide range of community services, while employing more than 1,300 NHS staff.

Now, HCRG has said it is investigating claims by the  Medusa a ransomware group, which has claimed that it has stolen  more than two terabytes of sensitive information and is threatening to leak confidential internal records, unless a substantial ransom is paid.

The Medusa gang’s Dark Web site claims the group has stolen 2.275TB of data, and the information is for sale for £1.6 million ($2 million), or offering to delete data for the same amount. They then threatened to leak the information online if the ransom isn’t paid by February 27.

Samples of the stolen data have been leaked, and of the 35 pages posted, the information seems to be passport and driving license scans, birth certificates, background checks, and staff rotas. These could put those affected at risk of identity theft, fraud, or social engineering scams.

HCRG has said in a statement that it is looking into these claims made by Medusa that it has breached and stolen sensitive information. A spokesperson for HCRG group said: “We can confirm that we are currently investigating an IT security incident and have recently identified a post on the Dark Web by a group claiming responsibility... Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident...

.. Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so.”

In compliance with UK rules, HCRG has informed the Information Commissioner's Office and relevant law enforcement agencies of the breach.

Digital Health     |     BBC     |     The Register     |     Tech Radar  |    Computing     |     MSN

Image: @HCRGCareGroup

You Might Also Read: 

EU To Strengthen Cyber Defence In Healthcare:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« AI Could Help Prepare For The Next Pandemic
Alibaba Intends To Spend $53bn On Developing AI »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

Angoka

Angoka

Angoka provide hardware-based solutions for managing the cybersecurity risks inherent in machine-to-machine communication networks.

Qrator Labs

Qrator Labs

Qrator Labs is a leader in DDoS attack mitigation, helping organizations protect their websites from the most harmful, sophisticated DDoS attacks.

Mjenzi Cloud

Mjenzi Cloud

Mjenzi Cloud is a provider of cloud IaaS solutions including managed backup services, affordable & secure cloud virtual compute/storage/compute services, bare-metal services and cloud security.

Abertay cyberQuarter

Abertay cyberQuarter

The Abertay cyberQuarter is a cybersecurity research and development centre housed within Abertay University.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

NETAND

NETAND

NETAND privileged access and identity management solutions will secure your business from cyber threats.

Cybastion

Cybastion

Cybastion develops robust world-class cybersecurity solutions tailored to suit the needs of different businesses, governments and public sector entities.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

Synergy ECP

Synergy ECP

Synergy ECP has a talented, dedicated staff to provide a broad range of services to the defense and intelligence industries.

Bell Canada

Bell Canada

Bell is the leading provider of network and communications services for Canadian businesses and the partner for delivering network, IoT, cloud, voice, collaboration and security solutions.

Scalefusion

Scalefusion

Scalefusion provides a comprehensive suite of products engineered to simplify endpoint, user, and access management for IT teams.