Tuesday, 16 September 2025
28.5 C
Singapore
28.3 C
Thailand
19.6 C
Indonesia
26.3 C
Philippines

UK healthcare provider HCRG confirms cyberattack after ransomware gang claims data theft

UK healthcare provider HCRG Care Group confirms a cyberattack after the Medusa ransomware gang claims to have stolen sensitive employee and patient data.

HCRG Care Group, one of the UK’s largest independent healthcare providers, has confirmed investigating a cybersecurity breach after a notorious ransomware group claimed to have stolen a large amount of sensitive data.

The healthcare organisation, formerly Virgin Care and now owned by Twenty20 Capita, provides various community health and social care services across the UK. It partners with NHS trusts and local authorities to deliver essential services, including urgent care, sexual health clinics, and adult and child social care support.

This week, HCRG was listed on the Medusa ransomware gang’s dark web leak site. The group claims to have infiltrated the company’s systems and stolen over two terabytes of data. If true, this could pose a serious risk to employees and patients.

Sensitive data potentially compromised

According to samples of the alleged stolen files shared by Medusa, the data may include employees’ personal details, sensitive medical records, financial information, and government-issued documents such as passports and birth certificates.

Alison Klabacher, a spokesperson for HCRG, confirmed in an email statement that the company is “currently investigating an IT security incident” and has “recently identified a post on the dark web by a group claiming responsibility.”

While HCRG has not confirmed the data type affected, Medusa’s claims have not been denied. The organisation has also not disclosed how many individuals may be impacted. HCRG employs over 5,000 staff and provides care to around half a million patients across the country, making the scale of the potential breach significant.

“Our team has not observed any suspicious activity since the implementation of immediate containment measures, and we are working with external forensic specialists to investigate the incident,” the spokesperson said. HCRG has also informed the UK’s Information Commissioner’s Office (ICO) and other regulators about the breach.

Despite the cyberattack, HCRG reassured the public that its services remain operational. “Our services are continuing to operate and safely see patients, and those with appointments or who need to access our services should continue to do so,” the company added.

Ransom demand and ongoing risks

The Medusa ransomware gang is demanding a US$2 million ransom to prevent the publication of the allegedly stolen data. HCRG has not confirmed whether it will negotiate with the hackers or pay the ransom.

It is still unclear how Medusa breached HCRG’s systems, but the group is known for exploiting unpatched vulnerabilities in remote desktop software. Cybersecurity experts warn that organisations handling sensitive information must remain vigilant against these attacks, which are becoming increasingly common in the healthcare sector.

As investigations continue, affected individuals may face identity theft and fraud risks. Patients and employees are urged to stay alert for any signs of misuse of their personal information.

Hot this week

Apple launches iPhone 17 with brighter display, smarter cameras, and faster performance

Apple introduces the iPhone 17 in Singapore with smarter cameras, a brighter display, faster performance, and new trade-in offers.

How earables are evolving into health and lifestyle assistants

Earables are evolving beyond audio, offering health tracking, translation, and navigation—shaping new opportunities across Southeast Asia.

Blackmagic unveils Camera ProDock for iPhone 17 Pro filmmaking

Blackmagic launches Camera ProDock for iPhone 17 Pro, adding pro filmmaking connections, including genlock, HDMI, and audio ports.

Employment Hero report shows workers under pressure and rethinking careers

Employment Hero’s 2025 Jobs Report reveals rising costs, job mobility, and Gen Z’s shift towards security and purpose across four countries.

Organisations struggle with cloud security fundamentals, Tenable report reveals

Tenable report warns organisations remain exposed to breaches due to weak cloud security fundamentals, identity risks, and skills gaps.

Biwin unveils Mini SSD, a tiny storage device that could replace microSD cards

Biwin launches Mini SSD, a tiny yet powerful storage device that could replace microSD cards if industry standards are adopted.

Apple brings major upgrades to Powerbeats Pro 2 with iOS 26

Apple adds heart rate, fitness, and smart usability upgrades to Powerbeats Pro 2 with iOS 26, launching on 15 September.

UltraGreen.ai secures US$188 million anchor investment at US$1.3 billion valuation

UltraGreen.ai secures US$188 million anchor investment led by 65EP, Vitruvian, and August, valuing the firm at US$1.3 billion.

ConnectingDNA launches AI-powered DNA wellness marketplace in Singapore

ConnectingDNA launches the world’s first AI-powered DNA wellness marketplace in Singapore, offering personalised health insights and secure data protection.

Related Articles

Popular Categories