Ransomware gang continues to publish data stolen from Ontario hospitals

Share post:

The Daxin Team ransomware group has released its third tranche of data stolen from southwestern Ontario hospitals that share an IT services provider because it can’t get a penny from the institutions.

According to Canadian-based Emsisoft threat researcher Brett Callow, this third installment of data was released Sunday. The gang promises to release databases full of information soon.

The institutions in the group — Bluewater Health of Sarnia, Chatham Kent Health Alliance, Erie Shores HealthCare of Leamington, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, along with shared service provider TransForm Shared Service Organization — were hit by a cyber attack late last month that forced the curtailment of some healthcare services.

The websites of the hospitals continue to post an alert notice that their IT systems are still suffering from the attack. It says they are working “around the clock to restore systems.”

According to DataBreaches.net, this latest leak has a great deal of sensitive patient information and IT-related information.

The news site also says it spoke to someone from the group who said it has been considering different strategies for dealing with victims who do not pay, including possibly selling some of the stolen data rather than leaking it.

In an earlier story, the spokesman for the attackers said, “the networks were completely transparent – we could go anywhere.”  When DataBreaches asked if that was because of password re-use or failure to segment, or some other reason, Daixin answered, “Maybe they had some kind of segmentation, but the fact that even the wifi in the hospitals disappeared after we attacked can speak to its level. The passwords for some administrator accounts across all hospital domains were the same.”

When asked how many files had been encrypted the person replied, “I’m assuming we’re talking about thousands of hosts.”

The post Ransomware gang continues to publish data stolen from Ontario hospitals first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways