The Hospital Clinic de Barcelona Forced to Cancel Hundreds of Surgeries and 3,000 Patient Checkups Due to a Ransomware Attack
Read also: Indian crypto exchange BitBNS hid a $7.5M breach, hackers are selling US lawmaker data, and more.
Thursday, March 9, 2023
Spanish hospital cancels thousands of appointments after a ransomware attack
The Hospital Clinic de Barcelona, one of Barcelona's main hospitals, has been forced to cancel over a hundred nonurgent operations and around 3,000 patient checkups due to a Ransom House ransomware attack that took place over the weekend.
The attack impacted the facility’s computer system, including computers used by multiple laboratories, clinics, pharmacies and emergency room across the medical center.
Hospital officials said they have not received an extortion demand as of yet, but stressed they would not pay if the threat actors will ask for a ransom.
Hackers are selling US lawmaker data stolen from health insurance market
A threat actor has been selling sensitive personal information stolen from DC Health Link, an online health insurance marketplace for residents of Washington, D.C., which is used by many White House staff members and their families.
The data breach is said to have exposed personal information, including full names, date of enrollment, relationship, and email addresses of hundreds of lawmakers and staff. Presently, the exact size and scope of the breach is unclear, but it can be extraordinary due to the thousands of congressional members and employees who have used the health insurance market since 2014.
What’s more, the data allegedly stolen from DC Health Link is already available for purchase on the dark web. According to news media reports, at least one threat actor is selling personal information allegedly obtained from DC Health Link’s servers on a well-known hacker forum.
Suspected core members of the DoppelPaymer ransomware gang detained in Germany, Ukraine
A joint effort by law enforcement teams from Germany, Ukraine, the Netherlands, and the US has resulted in the takedown of suspected core members of cybercriminal organization that used the notorious DoppelPaymer ransomware to launch devastating attacks against organizations, high-value companies, and critical infrastructure worldwide. In one tragic incident the threat actors attacked the University Hospital in Düsseldorf, which led to death of a patient.
As part of the simultaneous law enforcement actions, searches were conducted at the house of a German national and two locations in Kiev and Kharkiv (Ukraine). An Ukrainian national was also questioned. Both suspects are believed to have played major roles in the DoppelPaymer cyber crime syndicate.
In addition, the German authorities issued international arrest warrants for three other suspects (all of them linked to Russia) thought to be core members of the DoppelPaymer group.
Electronics giant Acer admits security breach following 160GB leak on a hacker forum
Taiwanese electronics manufacturer Acer has confirmed it has suffered a security breach after a threat actor put up for sale over 160GB of data they allegedly stole from the tech giant last month.
The dataset, offered for an unspecified amount of Monero, is said to include staff manuals, confidential product documentation for electronic devices, disk images, replacement digital product keys, details about Acer’s BIOS, and more.
Acer explained that one of its servers for repair technicians was breached, but so far there’s no indication that customer data was impacted in the incident.
Indian crypto exchange BitBNS hid a $7.5M hack on request of law enforcement
The India-based cryptocurrency exchange BitBNS has admitted it was hacked last February after an anonymous crypto security expert revealed that the company concealed a $7.5 million crypto theft disguising it as “system maintenance.”
In an Ask Me Anything (AMA) session BitBNS’s founder Gaurav Dahake has confirmed the hack but said it wasn’t something “abnormal” and that multiple exchanges suffered similar incidents. As for the reason behind the cover-up, he said that local law enforcement advised the company to keep the incident private until the investigation was complete or reaches a dead end.
What’s next:
- Follow ImmuniWeb on Twitter and LinkedIn
- Explore 20 use cases how ImmuniWeb can help
- Browse open positions to join our great Team
- See the benefits of our partner program
- Request a demo, quote or special price
- Subscribe to our newsletter
Cybercrime Prosecution Weekly is a digest of most important events related to cybercrime investigation and prosecution, cyber law, as well as to new data breaches and security incidents that deserve attention of our customers and partners. 
