Interlock Ransomware Attacks Texas Tech University Health Sciences Center
A lesser-known ransomware group, Interlock, has launched a significant cyberattack against the Texas Tech University Health Sciences Center, jeopardizing the personal data of nearly 1.46 million patients. This group claims to have breached the university’s network in September 2024, exfiltrating over 2.1 million files, which collectively represent around 2.6 terabytes of sensitive data. The compromised information includes full names, birth dates, residential addresses, social security numbers, driver’s licenses, financial details, health records, and billing data.
The incident was first made public by Texas Tech in an official statement released in October 2024. By November, the attackers asserted that they had begun selling portions of the stolen data on the dark web, making it accessible to potential buyers.
In the fallout of this breach, Texas Tech has started notifying the 1.4 million affected patients, advising them to be vigilant against potential risks associated with identity theft, phishing, and social engineering attacks. The university is also recommending that individuals closely monitor their credit scores and health insurance billing statements, as the compromised data could be exploited in forthcoming schemes.
This breach underscores the escalating cybersecurity threats faced by healthcare institutions and the profound implications such incidents can have on patient privacy and safety.
Telecom Namibia Targeted by Hunters International Ransomware Group
Cyberattacks continue to rise globally, and the 2024 festive season is no exception. In a recent breach, Telecom Namibia, a government-operated telecommunications network, fell victim to an attack by the notorious Hunters International Ransomware Group (previously known as Hive Ransomware). This incident appears to be particularly damaging, with hackers accessing sensitive personal data pertaining to key government officials, including members of parliament.
After Telecom Namibia declined to satisfy the attackers’ ransom demands, the hackers escalated their tactics by leaking portions of the stolen data on the dark web. This approach is typical of ransomware groups, who often release samples of stolen data to exert pressure and demonstrate the severity of their threats. The leaked information reportedly includes personally identifiable information (PII), home addresses, and financial records of several high-ranking officials, thereby heightening the breach’s severity.
In addition to releasing the data on the dark web, the attackers have used encrypted messaging platforms like Telegram to further disseminate the compromised information. Their objective seems clear: to maximize pressure on Telecom Namibia while profiting from selling the stolen data to interested buyers.
This incident underscores the vulnerability of government-affiliated institutions to cybercrime and highlights the increasingly aggressive tactics employed by ransomware groups. It stresses the necessity for robust cybersecurity measures for organizations in sensitive sectors, particularly those that manage extensive personal and governmental data. As the situation evolves, both Telecom Namibia and the Namibian government will likely face significant challenges in addressing the repercussions of this breach.