"Karakurt Ransomware Group Targets Methodist McKinney Hospital in Cyberattack"
The Karakurt ransomware group has claimed that it was behind a cyberattack on Methodist McKinney Hospital (MMH) in early July, according to CBS Dallas Fort-Worth. The threat actors are said to have posted 360 GB of personal data on the dark web. According to researchers, the ransomware group claimed to have released invoices, contracts, prescription scans, patient cards, and financial documents on the dark web. In its notice to patients, Methodist McKinney Hospital did not explicitly mention the ransomware group but did explain that on July 5, it detected unusual activity on certain systems. With the assistance of a third-party, MMH conducted an investigation and discovered that an unauthorized actor gained access to certain systems containing data from MMH, Methodist Allen Surgical Center, and Methodist Craig Ranch Surgical Center. MMH stated that the data present in the relevant systems varies by individual. According to the findings of the investigation thus far, the information present in the systems included names, addresses, Social Security numbers, dates of birth, medical history information, medical diagnosis information, treatment information, medical record number, and health insurance information. The HHS Health Sector Cybersecurity Coordination Center (HC3) recently alerted the healthcare sector to the Karakurt ransomware group's rising activity. At least four cyberattacks against US healthcare organizations have been claimed by the group. Instead of locking files, Karakurt threat actors typically conduct two months of scanning, reconnaissance, and collection on their targets. This article continues to discuss the Karakurt ransomware group claiming responsibility for an attack against MMH, the group's tactics, and others that have fallen victim to the group.