Last month, the systems of Attent Zorg en Behandeling, a care facility in Gelderland, were hacked by the notorious Qilin ransomware group. This led to the theft of passports belonging to physicians, nurses, and physiotherapists, which were later published on the internet. The attack occurred on February 17, causing technical difficulties for the facility. The care institution announced the breach via their website and attributed the problem to a group that had gained unauthorized access to their network.
In a statement, Attent Zorg en Behandeling reported that a significant portion of the affected systems had been restored three days after the attack. The facility also resumed its telephone services and regained access to their client dossier, financial, and personnel systems by February 20.
The Qilin group claims that it used an unpatched vulnerability to gain entry into the facility’s systems, resulting in the theft of hundreds of gigabytes of data, including confidential internal communication, salary statements, and non-disclosure agreements. The group threatened to release the data unless the facility paid a ransom. Recently, the group made good on its threat by publishing some of the stolen data on its website, including expired passport copies that had been retained for up to a decade.
This incident serves as a warning to organizations to prioritize cybersecurity measures and promptly update their software systems. Protecting sensitive information must be a top priority for all institutions.
To learn more about how to safeguard against these types of attacks, check out our other blogs on cybersecurity.
You might also like: