A medical facility on standby to help test coronavirus vaccine was hit by a ransomware group that promised not to target medical organizations.
The criminals behind the Maze ransomware attacks have struck again who just days ago, guaranteed not to attack healthcare and medical facilities until the situation stabilizes. The Maze group is famous for stealing data from a victim and then releasing it online to get the ransom.
Hammersmith Medicines Research, a British company that previously tested the Ebola vaccine and is on standby to perform the medical trials on any COVID-19 vaccine was affected in the attack.
According to Malcolm Boyce, clinical director of Hammersmith Medicines Research, the cyber-attack took place on March 14 and was spotted in progress, stopped and the systems were restored without paying any ransom.
However, the attack took place before Maze announced on March 18 that it would no longer target medical organizations. But this pledge has not stopped it from continuing in attempts to extort them.
The attackers managed to exfiltrate data which includes patient records and even published some of them online. The medical firm was sent sample files containing details of people who participated in testing trials between eight and 20 years previously. Later the Maze operators published samples of data on the dark web.
However, Boyce confirmed that they had no intention to pay a ransom to release the data files.
There has been a significant increase in the scams related to COVID-19 taking coronavirus fear as an opportunity. Medical organizations are in a very vulnerable situation now which is likely to increase the probability that they make the ransom payments.