OakBend Medical Center has announced it’s been hit by major ransomware cyberattack that forced the center to rebuild its entire IT infrastructure, and it’s still in the process of fully coming back online.
Medical facilities are often in the attackers’ crosshairs because they deal with a lot of personal information and because criminals can create real emergencies to use in their blackmail. Since most ransomware attacks these days are preceded by data exfiltration from the victim’s infrastructure, problems can be all the more severe.
In the OakBend Medical Center situation, the attackers hit on Sept. 1. They deployed ransomware, and the IT team immediately took all systems offline and placed everything in lockdown mode. The medical center underlined the fact that at no time was patient safety in jeopardy.
Nine days after the attack, the hospital was still having issues with some of their systems, and staff was working on getting everything up and running.
While the hospital didn’t identify the attackers, a group named Daixin Team contacted DataBreaches and claimed responsibility. They also claim to have extracted 3.5GB of patient data and offered a few samples to prove they’re responsible for the attack. The group claimed responsibility for a few other ransomware attacks this summer.