Irish Judge Prohibits Ransomware Group From Publishing Stolen Patient Data

The Irish Supreme Court has prohibited the group behind the Conti ransomware from sharing, processing, selling or publishing data stolen from Ireland's national health service. The Health Service Executive (HSE) informed the court that all data it holds may have been compromised. The attackers, who have now provided the healthcare industry with a decryption tool for decrypting the data, are demanding $ 20 million to prevent publication of the stolen data. The attackers say they have stolen 700 gigabytes of data.

The court order is directed against "unknown persons". In addition to the prohibition to disclose or distribute the stolen data, attackers are also required to identify themselves by providing their names, address details and email addresses. The primary purpose of the injunction is to make it clear to legitimate IT providers, such as Google and Twitter, that dissemination of the data is not allowed, the Irish Examiner and the Independent report.

Although the attackers provided a decryption tool, the IT environment has still not been restored and patient services are still disrupted, The Journal reports . Within the HSE there are about two thousand ICT systems, each of which is supported by several servers and devices. All these systems must be restored. In addition, some eighty thousand computers will be reinstalled. A time-consuming process and it is therefore still unknown when all systems will be operational again.

Previous Post Next Post