Report: Ransomware op leaks 48,000 documents stolen from New Jersey hospital
University Hospital in New Jersey has experienced a 48,000-document data breach, according to reporting from security researcher Ax Sharma at BleepingComputer.
According to Sharma, the Newark-based hospital's records appear to be among those leaked by SunCrypt, a ransomware operation that began hosting a dedicated leak site earlier this year.
The data leak, which has since been removed from SunCrypt's blog, reportedly includes patient information release forms, driver's license copies, Social Security numbers, dates of birth and board of director records.
Requests for comment from University Hospital were not returned by press time.
WHY IT MATTERS
University Hospital is a teaching hospital with about 500 licensed beds. It is a principal teaching hospital of Rutgers BioMedical and Health Sciences and houses a Level 1 Trauma Center.
As reported by Sharma for BleepingComputer, 240 GB of data were allegedly stolen from UH, with 1.7 GB – containing 48,000 documents – leaked this past week.
The leaks came after an employee at UH was reportedly infected with the TrickBot trojan earlier this summer.
"When a computer is infected with TrickBot, it usually leads to a full compromise of the network with ransomware eventually being deployed," wrote Sharma.
THE LARGER TREND
Ransomware attacks have been on the rise in the healthcare industry, and experts foresee no slowdown.
In one high-profile case this summer, the University of California, San Francisco, had to pay $1.14 million to decrypt files that the school determined were important "to some of the academic work we pursue as a university serving the public good."
Most experts say that paying the ransom isn't the best course of action, despite the danger of leaked or locked files.
ON THE RECORD
"Ransomware attacks on healthcare ... organizations continue to plague the industry, and this attack highlights the vital need for healthcare organizations to achieve full visibility of their network infrastructure in order to identify and prevent ransomware attacks that can potentially endanger patients and hinder operations," said Balbix Chief Technical Officer Vinay Sridhara in a statement about the leak.