Colombian healthcare provider Keralty reported a ransomware attack on Sunday, which affected its systems as well as two of its subsidiaries: EPS Sanitas and Colsanitas.
The attack has been reported on by Colombian news outlet El Tiempo, and would have disrupted the companies’ IT operations, websites and scheduling of medical appointments.
Keralty said on Monday they were suffering technical issues but did not disclose the cause. On Tuesday, the company released an additional statement confirming the cyber-attack.
“The computer servers of the Keralty Group companies have been the object of a cyber-attack, which has generated technical failures in our systems,” reads a machine-translated statement from Keralty.
“From the moment it was identified, we have been working 24 hours a day, both from the technical team and the medical and administrative team, to provide continuity of care to our members.”
The hacking operation was then reportedly confirmed by a Twitter user, who posted a screenshot of the alleged malware affecting Keralty’s systems and deployed by the threat group RansomHouse.
“Ransomware actors know that hitting business availability and patient care of healthcare organizations will likely yield the highest ransom payments,” commented Raj Samani, SVP and chief scientist at Rapid7.
“By disrupting IT systems, threat actors can slow down the delivery of patient care, which can result in human fatalities.”
Furthermore, in addition to disrupting patient care, the RansomHouse ransomware group has claimed to have stolen 3TB of data.
“Even though it is yet to be confirmed what data has been stolen, our research shows that the majority of ransomware data disclosures against the healthcare and pharmaceuticals industry include finance and accounting data (71%) and patient data (58%),” Samani told Infosecurity.
“Therefore, organizations need to implement file encryption, as well as technologies which detect a potential intrusion or lateral movement, so they have multiple layers of defense against ransomware attacks.”
The hacking of Keralty’s systems comes weeks after a study by Obrela Security Industries suggested more than four-fifths of UK healthcare organizations suffered a ransomware attack in the last year.