The rapidly emerging cybercrime group known as the 8base ransomware group has reportedly targeted ClearMedi Healthcare, a comprehensive cancer care provider based in India.
Who is 8base?
As we previously covered in our in-depth report, the 8base ransomware group was first detected in March 2022, and their activity has significantly increased over the past month. The group maintains a so-called “leak site”, where they make available the data of victims who refuse to pay their ransom demand.
Interestingly, 8base likens themselves to “penetration testers”, attempting to maintain a semblance of legitimacy while conducting their nefarious activities. Despite their rising activity, security experts are yet to fully decipher their exact methodology, motivation, and identity.
ClearMedi Healthcare Under Attack
According to a recent post on their Telegram channel, 8base claims to have a large number of files belonging to ClearMedi Healthcare. They have already uploaded some of these files to their site as a demonstration.
ClearMedi Healthcare is a private company that has been providing comprehensive cancer care in India since 2010. With its headquarters in Gurgaon, Haryana, ClearMedi operates in the health care, hospital, and medical service industry.
Given 8base’s past activities, this could have serious implications. The ransomware group has a broad target range, which includes business service providers, financial services, manufacturing, IT, and healthcare.
The fact that ClearMedi’s data has purportedly been compromised is worrisome, especially considering the sensitive nature of healthcare data..