Indiana Cancer Agency hacked by TheDarkOverlord

The hacker infiltrated the database of Cancer Services of East Central Indiana-Little Red Door, wiped the data from the server and demanded payment to prevent the data from being publicly released.
By Jessica Davis
01:31 PM

The server and back-up drive of Muncie, Indiana-based Cancer Services of East Central Indiana-Little Red Door were hacked and the data stripped, encrypted and taken for ransom by the cybercriminal organization, TheDarkOverlord (TDO), the agency revealed Jan. 18.

The hack took place on Jan. 11. TDO asked for 50 bitcoin, or about $43,000, in ransom, first in a text message to the personal cellphones of the company’s executive director, president and vice president. Officials said, TDO followed up in a form letter and several emails that contained extortion threats and promises to contact family members of the cancer patients, donors and community partners.

The FBI was contacted immediately, and Cancer Services didn’t open the suspicious emails or texts. The agents assigned to the case noted the pervasive nature of this attack, as personal cell phone numbers were contacted.

There was no ransomware involved in this breach, TDO confirmed to in a secured message. The extracted data was not encrypted. TDO also stated this afternoon that  it would leak the data of “a few thousand people,” which includes diagnostic and clinical information.

Cancer Services of East Central Indiana-Little Red Door executive director Aimee Fant said in a statement that the agency “will not pay a ransom when all funds raised must instead go to serving families, all stage cancer clients, late stage care/hospice support and preventative screenings,”

Fant is working with the FBI and said that most of the agency’s data is in cloud storage. She also said the agency will replace and rebuild the stolen data and will replace the current terminal server with a cloud-based system.

The agency is still serving patients and the system will be running at full capacity by the end of the week, officials said. The agency’s Indianapolis branch was unaffected by the attack.

“Cancer Services has been consulting with IT firms and law enforcement to preserve the safety and security of those who receive cancer care services, donors and staff, extends its immense gratitude to all who have helped in its efforts to gain control of the ransom attack and sincerely apologizes for any inconvenience and distress experienced on account of this act of cyberterrorism,” officials said.

Cancer Services provides services to reduce financial and emotional constraints of cancer patients, and promotes cancer prevention, early detection and wellness.

Twitter: @JessieFDavis
Email the writer:

Like Healthcare IT News on Facebook and LinkedIn

More regional news

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.