Hackers Demand €1.1M Ransom to Prevent Medical Data Leak

Cybercriminals Threaten to Release Sensitive Health Records

Hackers have demanded nearly 1.1 million euros from Clinical Diagnostics laboratory to prevent the publication of stolen medical data belonging to hundreds of thousands of Dutch citizens. The cybercriminal group Nova issued the ultimatum after compromising sensitive health records from a facility in Rijswijk.

Escalating Extortion Demands

Nova set a deadline for the payment of 11 bitcoins (equivalent to €1.1 million) by August 28-29, threatening to release the data publicly otherwise. This comes after the laboratory reportedly paid an initial ransom to prevent immediate publication. The hackers claim Clinical Diagnostics violated previous agreements, possibly by involving law enforcement.

Scope of the Data Breach

The compromised data includes records of 485,000 women who participated in the national cervical cancer screening program. Leaked information contains names, addresses, birth dates, citizen service numbers (BSN), and potentially test results. Additionally, records of over 50,000 other patients were exposed, covering various medical examinations.

Data Security Concerns

Nova initially published a sample dataset containing approximately 0.03% of the total 300GB stolen data. The Dutch Ministry of Health has urged citizens to continue participating in screening programs despite the breach, emphasizing their critical role in early disease detection.

Cybersecurity Implications

This incident highlights vulnerabilities in healthcare data protection. Experts recommend organizations implement multi-layered security protocols, regular penetration testing, and employee cybersecurity training to prevent similar breaches.