Medequip Assistive Technology Targeted by Akira Ransomware Group: A Critical Breach in Healthcare Supply Chains

Incident Date:

April 16, 2024

World map

Overview

Title

Medequip Assistive Technology Targeted by Akira Ransomware Group: A Critical Breach in Healthcare Supply Chains

Victim

Medequip Assistive Technology

Attacker

Akira

Location

Harmondsworth, United Kingdom

, United Kingdom

First Reported

April 16, 2024

Medequip Assistive Technology Targeted by Akira Ransomware Group

Company Profile

Medequip Assistive Technology is a prominent player in the Health and Social Care sector, specializing in logistical solutions. The company boasts a significant infrastructure with over 1,200 employees, a fleet of more than 500 vehicles, and extensive warehouse and office spaces totaling over 300,000 square feet. Medequip manages upwards of 30 Community Equipment Services contracts across the UK, serving a population exceeding 18 million. The company's financial footprint is notable with a reported turnover of £242 million as per their 2022 audited accounts.

Details of the Ransomware Attack

The Akira ransomware group, known for its affiliation with the defunct Conti gang, has recently targeted Medequip Assistive Technology. The attack involved the exfiltration of approximately 50 GB of sensitive data, including personal identifiers like National Insurance Numbers, birth certificates, and driver's licenses, alongside confidential business documents. This incident marks a significant breach given the volume and sensitivity of the data involved.

Vulnerabilities and Industry Impact

The company's extensive digital and physical infrastructure, coupled with its critical role in healthcare supply chains, makes it a valuable target for cybercriminals. The company's large-scale operations involving sensitive personal and medical data increase its attractiveness for ransomware attacks, which aim to cripple operations and leverage sensitive data for extortion.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.