HCRG Care Group, one of the largest independent healthcare providers in the U.K., has confirmed it is investigating a security breach after a ransomware gang claimed to have stolen a vast amount of sensitive data.
The Medusa ransomware group, known for targeting organizations worldwide, has listed HCRG on its dark web leak site, alleging it has compromised over two terabytes of data.
Medusa claims the stolen files include personal employee details, financial records, medical records, and official government documents like passports and birth certificates. While HCRG has not confirmed the extent of the breach, spokesperson Alison Klabacher acknowledged the incident, stating the company is working with forensic experts to assess the impact. HCRG, which serves over half a million patients across the U.K. and employs more than 5,000 staff, has reported the breach to regulators, including the Information Commissioner’s Office.
Despite the cyberattack, HCRG assures that its healthcare services remain operational and that patients should continue attending appointments as usual.
Meanwhile, the Medusa ransomware group is demanding a $2 million ransom to prevent the leaked data from being published. HCRG has not disclosed how its systems were breached, but Medusa is known to exploit vulnerabilities in remote desktop software.
