8base Ransomware Gang Attacks Kansas Medical Center LLC

The 8base ransomware gang has attacked Kansas Medical Center LLC. Kansas Medical Center LLC is a healthcare facility in Andover, Kansas, United States. It is a private, for-profit hospital that provides medical services to the local community and beyond. Kansas Medical Center offers various specialties, including cardiology, orthopedics, general surgery, internal medicine, and emergency care.

8base posted Kansas Medical Center LLC to its data leak site on July 11th, claiming to have stolen personal documents, identity cards, health insurance, patient data, employee data, internal documents, accounts, and financial documents. Despite a significant increase in activity during the summer of 2023, the 8Base ransomware group has managed to maintain a relatively low profile.

Techniques and Tactics

This group employs encryption techniques alongside "name-and-shame" tactics to pressure their victims into paying ransoms. 8Base demonstrates an opportunistic approach, targeting victims from diverse industries. However, crucial details regarding their identities, methods, and motivations remain shrouded in mystery.

The swift and efficient operations of 8Base suggest that this group is not newly formed but rather an established and mature organization. Based on available information, certain aspects of their current operations bear a striking resemblance to past ransomware activities.

Background and Operations

The 8Base ransomware group emerged in March 2022, but it experienced a significant surge in activity in June 2023. Describing themselves as "simple pen testers," they operate a leak site that provides victim information through Frequently Asked Questions and Rules sections, along with multiple contact options. Notably, 8Base's communication style shares similarities with another known group called RansomHouse.