Sunday, 7 September 2025
29.6 C
Singapore
27.1 C
Thailand
19.5 C
Indonesia
27.5 C
Philippines

UK healthcare provider HCRG confirms cyberattack after ransomware gang claims data theft

UK healthcare provider HCRG Care Group confirms a cyberattack after the Medusa ransomware gang claims to have stolen sensitive employee and patient data.

HCRG Care Group, one of the UK’s largest independent healthcare providers, has confirmed investigating a cybersecurity breach after a notorious ransomware group claimed to have stolen a large amount of sensitive data.

The healthcare organisation, formerly Virgin Care and now owned by Twenty20 Capita, provides various community health and social care services across the UK. It partners with NHS trusts and local authorities to deliver essential services, including urgent care, sexual health clinics, and adult and child social care support.

This week, HCRG was listed on the Medusa ransomware gang’s dark web leak site. The group claims to have infiltrated the company’s systems and stolen over two terabytes of data. If true, this could pose a serious risk to employees and patients.

Sensitive data potentially compromised

According to samples of the alleged stolen files shared by Medusa, the data may include employees’ personal details, sensitive medical records, financial information, and government-issued documents such as passports and birth certificates.

Alison Klabacher, a spokesperson for HCRG, confirmed in an email statement that the company is “currently investigating an IT security incident” and has “recently identified a post on the dark web by a group claiming responsibility.”

While HCRG has not confirmed the data type affected, Medusa’s claims have not been denied. The organisation has also not disclosed how many individuals may be impacted. HCRG employs over 5,000 staff and provides care to around half a million patients across the country, making the scale of the potential breach significant.

“Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident,” the spokesperson said. HCRG has also informed the UK’s Information Commissioner’s Office (ICO) and other regulators about the breach.

Despite the cyberattack, HCRG reassured the public that its services remain operational. “Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so,” the company added.

Ransom demand and ongoing risks

The Medusa ransomware gang is demanding a US$2 million ransom to prevent the publication of the allegedly stolen data. HCRG has not confirmed whether it will negotiate with the hackers or pay the ransom.

It is still unclear how Medusa breached HCRG’s systems, but the group is known for exploiting unpatched vulnerabilities in remote desktop software. Cybersecurity experts warn that organisations handling sensitive information must remain vigilant against these attacks, which are becoming increasingly common in the healthcare sector.

As investigations continue, affected individuals may face identity theft and fraud risks. Patients and employees are urged to stay alert for any signs of misuse of their personal information.

Hot this week

China enforces mandatory AI content labels on major social media platforms

China’s major social media platforms are now required to label AI-generated content under a new law aimed at curbing misinformation and enhancing oversight.

Meta accused of hosting unauthorised celebrity AI chatbots

Meta faces scrutiny after unauthorised AI chatbots imitating celebrities, including Taylor Swift, were found on its platforms.

Google denies claims of a major Gmail security issue

Google denies claims of a major Gmail security breach, reassuring users that phishing protections remain highly effective.

Rethinking the broken funnel and the next move for B2B marketers

Why linear funnels no longer work and how B2B marketers can evolve using customer-centric, multi-touch strategies.

Veeam launches first software appliance for instant, secure data protection

Veeam has launched its first hardware-agnostic software appliance, offering instant, secure data protection with built-in resilience.

OpenAI to launch job platform and AI certification scheme

OpenAI will launch an AI job platform and certification scheme to help employers find talent and upskill job seekers.

Meta improves threaded posts on Threads with clearer design

Meta is updating Threads with clearer thread labels, numbered posts, and new layout tools to improve user experience.

US court rules Google can keep Apple deal but must share search data with rivals

A US court ruled Google can keep its Apple deal but must share search data with rivals, marking a key antitrust decision.

ECOVACS unveils DEEBOT X11 with PowerBoost and expands service robot portfolio at IFA 2025

Ecovacs launches DEEBOT X11 with PowerBoost and expands its service robot lineup with ULTRAMARINE at IFA 2025.

Related Articles

Popular Categories