Although the hospital has not disclosed specifics about the cyber incident, local authorities confirmed the attackers targeted software used to manage patient records and medical histories. A private hospital in the Russian republic of Chuvashia experienced a multi-day disruption this week likely linked to a cyberattack claimed by a pro-Ukraine hacker group. The hacker group 4B1D claimed on Telegram that it gained access to the clinic's network via the compromised account of the clinic’s director. The group said it then wiped the clinic's servers, deleted backups, encrypted and exported patient data, and disabled more than 100 computers. To support its claims, the hacker group posted some of the leaked data, including an X-ray of a skull, on its Telegram channel. According to the group, they obtained personal data of around 52,000 patients and medical staff, with approximately 2,000 records already being sold on the dark web. The day before the cyberattack on Lecardo Clinic, Chuvashia was the target of a Ukrainian drone strike for the first time since the start of the war in Ukraine. 4B1D is a little-known threat actor active since at least January, claiming responsibility for attacks on various Russian companies, including tech firms and those involved in critical infrastructure. Local media reported that Lecardo Clinic's management failed to report the breach promptly to authorities. In response, local prosecutors announced plans to investigate staff compliance with information security regulations. On Tuesday, Lecardo Clinic announced a "technical failure" that led to a three-day shutdown of its operations.
This Cyber News was published on therecord.media. Publication date: Fri, 16 May 2025 13:56:56 +0000