Medical data and personally identifiable information belonging to patients at a Fresenius Medical Care unit are currently available online on a paste website.
Fresenius is a large private hospital operator in Europe and its systems were compromised as part of a massive campaign from Snake ransomware that targeted organizations across all verticals.
The first of many
The hackers published a small batch of data but they announced that there’s “more to come,” announcing that the data is part of a much larger leak.
BleepingComputer has seen the paste with the records, set to expire on June 15. It contains patient details from Fresenius Medical Care center in Serbia, which provides dialysis services for people with chronic kidney failure.
There are less than 200 records that include first and last names, gender, birth date, the nationality of the patient, profession, postal address, phone number. Next of kin details are also available (names and phones).
Medical data in the dump refers to the name and phone number of the general practitioner, notes on allergies, test results, and doctor’s observations regarding the treatment.
BleepingComputer found the post with the data after receiving an anonymous tip saying that Ekans (“Snake” spelled backward) released some records stolen Fresenius systems.
Ekans is also the file marker that Snake ransomware appends to encrypted files, as shown in this malware analysis by BleepingComputer.
Earlier this month, Snake ransomware sent BleepingComputer images of a database they claim belongs to Fresenius and stated that they are planning to share more publicly in the future.
..
Support the originator by clicking the read the rest link below.
