Interlock breaches Kettering Health, leaks over 900 GB of data

The infamous Interlock ransomware group said it breached Kettering Health’s internal network, stealing more than 900 GB of confidential data.

 

In a data security incident notice published on its website, Kettering, Ohio-based healthcare provider said that on May 20, it experienced a system-wide technology outage that affected its ability to access patient care systems across the organisation.

 

The healthcare provider immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. It also took steps to contain and mitigate the incident and notified relevant law enforcement authorities about the same.

 

“Elective inpatient and outpatient procedures at Kettering Health facilities have been canceled for today, Tuesday, May 20. These procedures will be rescheduled for a later date and more information will be provided on this as updates are available. In addition, our call center is experiencing an outage and may not be accessible,” Kettering Health said.

 

On June 2, the healthcare provider said that its Epic electronic health record (EHR) system had been restored and that staff were successfully using it.

 

“Progress continues in bringing back online in- and outbound calling to Kettering Health facilities and practices, as well as MyChart for patients,” reads the update.

 

 

On June 4, the Interlock ransomware group claimed responsibility for the security incident on Kettering Health and listed it as a victim on its data leak site. The group claimed to have obtained 941 GB of data, including sensitive patient information, pharmacy and blood bank records, payroll data, police personnel files, scanned identity documents such as passports, and more.

 

The hacker group gave Kettering Health a 72-hour deadline to meet its ransom demands. Following unsuccessful negotiations, the group has since released the stolen data