Qilin ransomware group hacks Japan’s Utsunomiya Central Clinic

The Qilin ransomware group said it breached the internal network of Japan’s Utsunomiya Central Clinic and stole 140 gigabytes of confidential data.

 

Located in Utsunomiya city on Japan’s main Honshu island, Utsunomiya Central Clinic (UCC) is a cancer treatment center that focuses on early detection and treatment of cancer.

 

In a data security incident notice posted on its website, UCC said that on February 10, the hospital started facing operational outage and immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

The investigation revealed that the outage was caused by a ransomware attack which involved threat actors infiltrating the hospital’s internal network, encrypting certain systems and stealing confidential data.

 

“After being hit, it was found that the personal information of the customer and those involved in our hospital may have been leaked to the outside world. In addition, as a result, the in-hospital system continues to be unable to use, and for the time being, we will restrict our hospital’s examination and physical examination work,” reads the translated notice.

 

The compromised data included patients’ names, dates of birth, gender, addresses, phone numbers, email addresses, information about medical treatment, health check-ups and more. 

 

The hospital added that the threat actors did not access financial institution account information, credit card information, and personal number information but stole the personal and healthcare data of an estimated 300,000 people.

 

While the healthcare provider did it comment on who is responsible for the ransomware attack, the infamous Qilin ransomware group claimed responsibility for the incident and listed UCC as a victim on its data leak site.

 

 

According to Qilin’s post, it is in possession of 178,319 data files stolen from the hospital that add up to 140 gigabytes of data. The stolen files include  X-rays, patients’ data, medical records, radiology data, medical examinations, BOD secretary data, ECG and ECG-Holter data, specific medical examinations, and various medical data related to Japanese citizens. 

 

To prove the authenticity of it claims, the group has shared samples of the stolen data and has threatened to leak the entire stolen database if UCC doesn’t pay a specified ransom amount within the deadline.