Medusa Ransomware Group Strikes Radiosurgery New York, Data Breach Detected
Incident Date:
June 6, 2024
Overview
Title
Medusa Ransomware Group Strikes Radiosurgery New York, Data Breach Detected
Victim
Radiosurgery New York
Attacker
Medusa
Location
First Reported
June 6, 2024
Medusa Ransomware Group Targets Radiosurgery New York
Overview of Radiosurgery New York
Radiosurgery New York (RSNY) is a prominent medical practice specializing in non-invasive fractionated stereotactic radiosurgery treatments for cancer patients. Founded by Dr. Gil Lederman, RSNY is renowned for its advanced radiation therapy techniques, including the use of Gamma Knife and CyberKnife systems. The center, located at 1384 Broadway, New York City, employs between 51-200 individuals and focuses on treating various cancers, including brain, lung, breast, and prostate cancers. RSNY's approach allows for outpatient treatment, significantly reducing hospital stays and promoting quicker recovery times.
Details of the Ransomware Attack
Recently, the Medusa ransomware group executed a cyberattack on RSNY, resulting in the exfiltration of 64.7 GB of sensitive data. The attack was publicly claimed on Medusa's dark web leak site. The breach has raised significant concerns about the security of patient data and the operational integrity of RSNY's advanced treatment systems.
About the Medusa Ransomware Group
Medusa is a notorious ransomware group that emerged in late 2022, operating as a Ransomware-as-a-Service (RaaS) platform. The group has been involved in high-profile attacks across various sectors, including education, healthcare, and government services. Medusa's ransomware is designed to disable numerous applications and services, making detection and mitigation challenging. The group is known for demanding substantial ransoms and publicly releasing stolen data if their demands are not met.
Potential Vulnerabilities and Attack Penetration
Given RSNY's reliance on advanced technology and extensive patient data, it becomes a lucrative target for ransomware groups like Medusa. The attack could have penetrated RSNY's systems through various vectors, including phishing emails, exploiting unpatched software vulnerabilities, or leveraging weak network security protocols. The healthcare sector's critical nature and the high value of patient data further exacerbate the impact of such attacks.
Implications and Response
Importantly, the attack on RSNY underscores the growing threat of ransomware in the healthcare sector. The breach not only compromises patient confidentiality but also disrupts critical medical services. RSNY is likely to face significant operational challenges and reputational damage as it navigates the aftermath of this cyberattack.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.