Quilong Ransomware Attack Threatens Indigo ENT Group Data Security

Incident Date:

May 30, 2024

World map

Overview

Title

Quilong Ransomware Attack Threatens Indigo ENT Group Data Security

Victim

Indigo ENT Group

Attacker

Qiulong

Location

Coquitlam, Canada

, Canada

First Reported

May 30, 2024

Ransomware Attack on Indigo ENT Group

Company Profile

Indigo ENT Group is a company operating in the Hospital & Health Care industry, providing comprehensive ENT care in the Greater Vancouver area. The company employs a team of five otolaryngologists specializing in ear, nose, and throat disorders.

Company Size and Standout

With a small team of 6-10 employees and revenue between $1M-$5M, Indigo ENT Group stands out in the industry by offering a wide range of non-surgical and surgical treatments for various ENT conditions.

Attack Overview

The Quilong ransomware group targeted Indigo ENT Group's website, and claimed to have stolen thousands of personal, confidential, PHI, and PII data of patients. This attack involved leaking sensitive information on the dark web, posing a significant threat to the company's data security.

Ransomware Group Profile

Known for their targeted attacks and sophisticated tactics, the Quilong ransomware group primarily targets Latin America, with a particular focus on Brazil. Recently, they have adopted a Ransomware-as-a-Service model, which has increased their number of victims. Quilong uses unique encryption strategies and practices double extortion to extort money from their victims.

Company Vulnerabilities

Indigo ENT Group may have been targeted by threat actors like the Quilong ransomware group due to the sensitive nature of the healthcare data they handle. The company's focus on healthcare services and the valuable patient information they possess make them an attractive target for cybercriminals.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.