HealthcareInfoSecurity reported in the article “Patient Files Dumped on Darknet Site After Hacking Incidents,” that a ransomware attacker has reportedly leaked sensitive patient data and employee records from two different healthcare organizations on a darknet site.
The publication turned to privacy, cybersecurity and data strategy counsel Jason G. Weiss for insight on the incident and ransom demands from cybercriminals. Weiss noted that it’s common for ransomware victims to overlook ransom demands from attackers.
“When I was with the FBI, I worked cases where the ransomware victim did not actually find the ransom note due to automated tools that may have destroyed it as they worked to restore their network,” Weiss said. “Therefore, I never assume there was or was not a note.”
Weiss added that most ransomware groups leave notes to set up lines of communication for possible payment of ransom. In the case of the hospital’s attack, Weiss explained “if there was no note left, then this may be more of a more nefarious type of disruptionware attack over a straight ransomware attack.”