RansomHub's Ransomware Attack Disrupts Hospital Adventista de Manaus

Incident Date:

June 12, 2024

World map

Overview

Title

RansomHub's Ransomware Attack Disrupts Hospital Adventista de Manaus

Victim

Hospital Adventista de Manaus (HAM)

Attacker

Ransomhub

Location

Manaus, Brazil

, Brazil

First Reported

June 12, 2024

RansomHub Targets Hospital Adventista de Manaus in Major Ransomware Attack

Overview of Hospital Adventista de Manaus

Hospital Adventista de Manaus (HAM) is a prominent healthcare institution in Manaus, Brazil, established in 1978. Operated by the Seventh-day Adventist Church, HAM provides a comprehensive range of medical services, including cardiology, orthopedics, gynecology, neurology, pediatrics, and maternity care. The hospital is equipped with 140 patient beds and various specialized units, such as ICUs and maternity wards, ensuring high-quality patient care through a multidisciplinary approach.

Details of the Ransomware Attack

On June 12, 2024, HAM fell victim to a ransomware attack orchestrated by the cybercriminal group RansomHub. The attack resulted in a significant data breach, with 294GB of sensitive information being leaked. The compromised data likely includes patient records, medical histories, and other confidential information, posing severe risks to patient privacy and hospital operations.

About RansomHub

RansomHub is a relatively new but rapidly emerging ransomware group, believed to have roots in Russia. Operating as a Ransomware-as-a-Service (RaaS) entity, RansomHub affiliates receive 90% of the ransom payments, with the remaining 10% going to the main group. The group has targeted various sectors globally, including healthcare institutions, using ransomware strains written in Golang, a trend gaining traction in the cyber threat landscape.

Potential Vulnerabilities and Attack Penetration

Healthcare institutions like HAM are particularly vulnerable to ransomware attacks due to the critical nature of their services and the sensitive data they handle. RansomHub likely exploited vulnerabilities in HAM's cybersecurity infrastructure, potentially through phishing attacks or exploiting unpatched software. The use of Golang in their ransomware strains indicates a sophisticated approach, making detection and mitigation more challenging.

Impact on Hospital Adventista de Manaus

The ransomware attack on HAM has significant implications, disrupting medical services and compromising patient data. The hospital's commitment to high-quality, ethical, and compassionate care is now under threat, highlighting the urgent need for robust cybersecurity measures in the healthcare sector.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.