Shamir Medical Center in Israel Targeted by Qilin Ransomware Gang Demanding $700,000 Ransom
Published
- Cybersecurity incident: The Qilin ransomware gang has claimed responsibility for a data breach targeting the Shamir Medical Center in Israel.
- Data exfiltration claim: The threat actors allege they have exfiltrated 8 terabytes of data, which they claim includes patient records.
- Samples leaked: The group has reportedly uploaded sample files to substantiate its claims of a successful breach.
The Qilin ransomware gang has asserted that it successfully breached the network of the Shamir Medical Center (Assaf Harofeh), the fourth-largest government hospital in Israel. In its claim, the cybercriminal group stated that it exfiltrated a massive trove of sensitive information.
This incident highlights the persistent and escalating threats facing the global healthcare sector and the critical importance of robust healthcare cybersecurity protocols.
Scope of the Alleged Patient Data Breach
According to the threat actors, the Shamir Medical Center data breach resulted in the theft of approximately 8 terabytes of data. The gang alleges that this dataset contains highly sensitive patient records.
To support their claims, the perpetrators have reportedly uploaded sample files for verification on their leak site. A successful exfiltration of this magnitude would represent a severe violation of patient privacy and a significant operational disruption for the medical center.
The Israeli Ministry of Health stated that a cyberattack temporarily disrupted Asaf Al-Harofeh's systems, including the medical record system Chamilion, a Ynet report said. Chamilion centralizes patients' medical files and is used by a large number of hospitals in Israel and some health insurance funds.
Ynet reported hackers may have exploited a breach in the private laptop of an IT support employee at a computer security company.
The Ministry and the National Cyber Command announced that only email communications from September 25 were exposed and the attack was stopped in its early stages, with operations returned to normal.
Implications for Healthcare Cybersecurity
This alleged attack underscores the vulnerability of critical healthcare infrastructure to ransomware operations. A successful patient data breach can have devastating consequences, including the compromise of personal health information (PHI), potential identity theft, and the disruption of essential medical services.
The incident serves as a stark reminder for healthcare organizations worldwide to continuously assess and reinforce their security postures, including network segmentation, access controls, and incident response plans, to defend against groups like the Qilin ransomware gang.
In the past months, Qilin alleged the breach of the Kenyan Political Office and Moniz Silva International, accusing the company of disregarding customer health.
The Russian-speaking cybercrime group has been linked by multiple reports to several incidents, including a ransomware attack on Synnovis, a U.K.-based medical company working with London hospitals.
Other “ethical” attacks involved Qilin accusing the Formacompany & Co. offshore company of money laundering and a ‘political protest’ NHS cyberattack that led to one patient's death.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Saturday.
Most Popular