One of the oldest primary healthcare systems in the northwestern Italian city of Alessandria is Azienda Ospedaliera di Alessandria. According to the criminals who run the Ragnar Locker ransomware operation, it’s also one of their latest victims.
The criminal syndicate on Wednesday said that as part of its attack, it stole “clients’ personal information, medical cards, financial reports, departments reports” and other types of information. It’s already leaked 37GB of stolen data, claiming “this is only about 5% of total data volume” stolen, which would mean it had exfiltrated 740GB of data.
In a post to its Tor-based data-leak site, Ragnar Locker says it didn’t encrypt any of the healthcare organization’s systems.
Officials at Azienda Ospedaliera di Alessandria, or AOAL, didn’t respond to a request for comment. While the organization’s website remained offline much of the week, by Friday it appeared to once again be fully operational.
Ragnar Locker is known for not just hitting victims with ransomware, but also practicing double extortion, which refers to the practice of exfiltrating data and threatening to release it unless victims quickly pay a ransom.