Ransomware Attack Exposes Ascires Biomedical Data Vulnerabilities

Incident Date: October 13, 2024

Overview

Victim: Ascires Biomedical Group

Attacker: Stormous

Location: Madrid, Spain

First Reported: October 13, 2024

Ransomware Attack on Ascires Biomedical Group by Stormous

Ascires Biomedical Group, a leading Spanish organization in the healthcare sector, has reportedly been targeted by the Stormous ransomware group. This attack has resulted in the exfiltration of approximately 700 GB of sensitive data, including client information, medical reports, financial documents, and strategic business plans. The breach highlights significant vulnerabilities within Ascires' cybersecurity infrastructure, raising concerns about the protection of sensitive medical and personal data.

About Ascires Biomedical Group

Ascires Biomedical Group, established over 50 years ago, is a prominent player in the fields of genetics, diagnostic imaging, and nuclear medicine. The organization operates a network of biomedical clinics primarily in the Valencian Community and Catalonia, collaborating with both public and private hospitals. Ascires is recognized for its pioneering efforts in medical technology, including the introduction of Spain's first MRI and CT scan machines. The group's commitment to research and development is evident, with approximately 15% of its profits reinvested into R&D initiatives aimed at enhancing precision medicine.

Details of the Attack

The Stormous ransomware group claims to have infiltrated Ascires' systems, compromising a wide array of critical assets. The attackers have released samples of the stolen data to substantiate their claims, underscoring the severity of the breach. The compromised information reportedly includes client data, medical reports, financial documents, and patient-related data. This breach poses significant risks to Ascires' operations and reputation, given the sensitive nature of the data involved.

Stormous Ransomware Group

Stormous is a ransomware group that emerged in early 2022, known for its politically motivated operations and support for Russia amid the conflict with Ukraine. The group employs a double extortion tactic, encrypting data and threatening to leak sensitive information if the ransom is not paid. Stormous operates through an underground website and communicates via Telegram, often targeting Western nations and companies. Despite its claims, many cybersecurity experts view Stormous as a potentially fraudulent operation, raising questions about the legitimacy of its attacks.

Potential Vulnerabilities

The attack on Ascires highlights potential vulnerabilities in the organization's cybersecurity measures. As a leader in medical technology, Ascires handles vast amounts of sensitive data, making it an attractive target for threat actors like Stormous. The breach underscores the need for effective cybersecurity protocols to protect against sophisticated ransomware attacks, particularly in the healthcare sector where data sensitivity is paramount.
