The cyberattack on Ireland’s Health Service Executive (HSE) has a new update, where it’s found the threat actor behind it is now asking for a massive $20 million sum for the decryptor. They claim to have stolen over 700GB of data from the HSE, including patient and employee info, contracts, financial statements, etc. On the other hand, Ireland’s PM said they wouldn’t be paying the ransom.
Hackers of HSE Demand $20 Million Ransom
After a detailed assessment, the HSE found perpetrators behind the cyberattack against them as the Conti ransomware group. The attack by threat actor yesterday led HSE to shut down its IT systems all over to contain the spread of their locking malware. This disrupted critical services like diagnostics and maternity care.
There is a significant ransomware attack on the HSE IT systems. We have taken the precaution of shutting down all our our IT systems in order to protect them from this attack and to allow us fully assess the situation with our own security partners.
— HSE Ireland (@HSELive) May 14, 2021
A new lead on the incident revealed what the threat actor behind this, the Conti ransomware group has stolen, and their demand. As per BleepingComputer, a negotiation chat screenshot shared by a security researcher says the group is asking a ransom of $19,999,000 for the decryptor and erasing stolen data from their side.
They claimed to have unencrypted HSE patient information, employee information, contracts, financial statements, payroll, etc. And usual, they’d leak these files for free if the victim (HSE here) doesn’t cooperate with them. And it’s most likely happening, as the Prime Minister of Ireland, Taoiseach Micheál Martin, said that they would not be paying any ransom.
HSE earlier said they’re working on normalizing the situation with third-party cybersecurity experts and internal teams, as they have taken some services offline. Instead, they’re now carrying out the regular tasks in the offline mode like handwritten-based, which is slowing down the process.