[BreachExchange] Ransomware group auctions Crozer-Keystone Health System data on darknet

Destry Winant destry at riskbasedsecurity.com
Wed Jun 24 10:37:13 EDT 2020


Netwalker, a ransomware operator that threatens to publish data online
if ransoms aren't paid, hacked Springfield, Pa.-based Crozer-Keystone
Health System and is auctioning off its data online, according to

The ransomware gang is selling the stolen data from Crozer-Keystone
through its darknet website and said it will leak the data if it is
not purchased at auction within six days, according to the June 19

In a June 22 emailed statement to Becker's Hospital Review, a
Crozer-Keystone spokesperson said the health system is currently
conducting a full investigation of the incident and worked with
cybersecurity professionals across its organization in response to the

"After quickly identifying a recent malware attack, the
Crozer-Keystone information technology team took immediate action and
began remediating impacted systems," the spokesperson said. "Having
isolated the intrusion, we took necessary systems offline to prevent
further risk."

Cointelegraph was able to access Netwalker's alleged publication on
June 19, which showed "dozens of folders with an undisclosed amount of
data, mostly concerning finances, but nothing related to medical
records of patients," according to the report. Netwalker claimed
Crozer-Keystone declined to pay for the ransom the group demanded in

More information about the BreachExchange mailing list