Wednesday, 22 October 2025
28.1 C
Singapore
23.4 C
Thailand
20.5 C
Indonesia
27.7 C
Philippines

UK healthcare provider HCRG confirms cyberattack after ransomware gang claims data theft

UK healthcare provider HCRG Care Group confirms a cyberattack after the Medusa ransomware gang claims to have stolen sensitive employee and patient data.

HCRG Care Group, one of the UK’s largest independent healthcare providers, has confirmed investigating a cybersecurity breach after a notorious ransomware group claimed to have stolen a large amount of sensitive data.

The healthcare organisation, formerly Virgin Care and now owned by Twenty20 Capita, provides various community health and social care services across the UK. It partners with NHS trusts and local authorities to deliver essential services, including urgent care, sexual health clinics, and adult and child social care support.

This week, HCRG was listed on the Medusa ransomware gang’s dark web leak site. The group claims to have infiltrated the company’s systems and stolen over two terabytes of data. If true, this could pose a serious risk to employees and patients.

Sensitive data potentially compromised

According to samples of the alleged stolen files shared by Medusa, the data may include employees’ personal details, sensitive medical records, financial information, and government-issued documents such as passports and birth certificates.

Alison Klabacher, a spokesperson for HCRG, confirmed in an email statement that the company is “currently investigating an IT security incident” and has “recently identified a post on the dark web by a group claiming responsibility.”

While HCRG has not confirmed the data type affected, Medusa’s claims have not been denied. The organisation has also not disclosed how many individuals may be impacted. HCRG employs over 5,000 staff and provides care to around half a million patients across the country, making the scale of the potential breach significant.

“Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident,” the spokesperson said. HCRG has also informed the UK’s Information Commissioner’s Office (ICO) and other regulators about the breach.

Despite the cyberattack, HCRG reassured the public that its services remain operational. “Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so,” the company added.

Ransom demand and ongoing risks

The Medusa ransomware gang is demanding a US$2 million ransom to prevent the publication of the allegedly stolen data. HCRG has not confirmed whether it will negotiate with the hackers or pay the ransom.

It is still unclear how Medusa breached HCRG’s systems, but the group is known for exploiting unpatched vulnerabilities in remote desktop software. Cybersecurity experts warn that organisations handling sensitive information must remain vigilant against these attacks, which are becoming increasingly common in the healthcare sector.

As investigations continue, affected individuals may face identity theft and fraud risks. Patients and employees are urged to stay alert for any signs of misuse of their personal information.

Hot this week

Veeam launches new data cloud platform for managed service providers

Veeam launches Data Cloud for MSPs, a new SaaS platform that simplifies data resilience, strengthens security, and helps providers scale services.

AI disruption and quantum threats emerge as key risks for critical infrastructure security

Thales report warns AI disruption and quantum risks are reshaping cybersecurity for critical infrastructure despite falling breach rates.

SFIC unveils five-year roadmap to strengthen Singapore’s furniture industry

SFIC launches its 2026–2030 roadmap to drive innovation, digitalisation, and global growth for Singapore’s furniture industry.

Nintendo accelerates Switch 2 production as demand remains strong

Nintendo ramps up Switch 2 production to meet soaring demand, aiming to sell up to 25 million units by March 2026.

Keeper Security triples revenue in Japan as zero-trust demand surges across APAC

Keeper Security triples revenue in Japan and expands across APAC as organisations adopt zero-trust security to counter rising cyber threats.

SFIC unveils five-year roadmap to strengthen Singapore’s furniture industry

SFIC launches its 2026–2030 roadmap to drive innovation, digitalisation, and global growth for Singapore’s furniture industry.

Twitch CEO responds to streamer assault at TwitchCon 2025

Twitch CEO Dan Clancy responds to streamer Emiru’s assault at TwitchCon 2025 amid criticism over safety and Twitch’s handling of the incident.

Microsoft releases emergency Windows 11 update to fix recovery bug

Microsoft has issued an emergency Windows 11 update to fix a recovery bug that disabled USB mouse and keyboard support in WinRE.

Whisker introduces Litter-Robot 5 Pro with AI facial recognition for cats

Whisker introduces the Litter-Robot 5 Pro, featuring AI facial recognition and new smart features for advanced cat care.

Related Articles