São Paulo-based medical diagnostic firm Grupo Fleury has suffered a ransomware attack that has impaired business operations after the company shut down its systems. On the 22nd of June, the company website began displaying an alert stating that its systems were under attack and no longer accessible.
The Brazilian healthcare giant provides medical laboratory services across the nation, with over 200 service centers and more than 10,000 employees. The company performs approximately 75 million clinical exams a year.
“Please be advised that our systems are currently unavailable and that we are prioritizing the restoration of services. The causes of this unavailability originated from the attempted external attack on our systems, which are having operations reestablished with all the resources and technical efforts for the rapid standardization of our services,” read the message translated into English.
With its systems down, patients are unable to book appointments for labs and other medical examinations online. Since the announcement, multiple cybersecurity sources have confirmed that Grupo Fleury suffered an attack by the ransomware operation known as REvil, also known as Sodinokibi.
“The Healthcare industry and healthcare supply chain are both one of the top three targeted sectors worldwide. Additionally, REvil are launching a lot of attacks at the moment, having hit a maritime organization in Brazil earlier this month,” Andy Norton, European cyber risk officer at Armis, stated.
Grupo Fleury’s data is of significant concern, as it contains enormous amounts of patients’ personal and medical data. REvil is demanding $5 million for the decryptor key and the assurance that no vital information will be leaked online. REvil is known for exfiltrating data before encrypting devices and then using the stolen information as leverage to extort money from the company.
“In a previous statement made to the Russian-OSINT Telegram channel, a REvil representative stated that they were targeting Brazil for revenge. However, it is not known what that revenge is for. REvil is known for exfiltrating data and the data could include personally identifiable information and sensitive medical information of their patients and staff, which could be detrimental for the organization,” Jamie Hart, cyber threat intelligence analyst at digital risk protection company Digital Shadows Ltd, said.
Prior to this attack, JBS Foods, the world’s largest meat producer, was the victim of a REvil ransomware attack. JBS paid a ransom of $11 million in order to keep its stolen information from being leaked online. REvil has targeted numerous high-profile organizations, including Brazil’s Rio Grande do Sul court system and nuclear weapons contractor Sol Oriens.
Source: https://www.ehackingnews.com/2021/06/revil-hits-brazilian-healthcare-giant.html