Snatch attacks Mount Desert Hospital

Incident Date:

June 5, 2023

World map



Snatch attacks Mount Desert Hospital


Mount Desert Hospital




Bar Harbor, USA

Maine, USA

First Reported

June 5, 2023

The Snatch Ransomware Gang's Latest Target: Mount Desert Island Hospital

The Snatch ransomware gang has allegedly attacked Mount Desert Island Hospital. Mount Desert Island Hospital is a general hospital located in Bar Harbor, Maine, and employs more than 500 people. Founded in 1871, the hospital is a non-profit organization, and its facilities include a retirement community, six primary health care centers, a dental center, and a behavioral health center. The Centers for Medicare and Medicaid Services awarded Mount Desert Hospital a five-star rating in 2020.

While Snatch hasn’t yet confirmed how much data it claims to have stolen, the ransomware gang has posted Mount Desert Island Hospital’s details on its dark web leak site. Mount Desert Island Hospital has neither confirmed nor denied the attack.

About the Snatch Ransomware Gang

The Snatch ransomware gang, which first appeared in 2018, uses sophisticated AES encryption to prevent victims from accessing their information. The hackers use Windows registry keys to boot in safe mode. Snatch typically targets high-profile organizations and forces target systems to reboot in safe mode to disable antivirus software. Snatch typically demands between 1 and 5 bitcoins as ransom, and researchers have not yet found a way to decrypt stolen information. The ransomware gang initially targeted regular users with spam emails, but since 2019 has targeted entire organizations.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.