Ransomware operation Rhysida has taken credit for launching a cyberattack against Jordan-based multi-specialty healthcare provider Abdali Hospital, resulting in the significant theft of sensitive data, according to Security Affairs.
Some of the stolen data, including contracts and ID cards, have already been leaked by Rhysida, which has been auctioning the trove of exfiltrated files to a single buyer for 10 Bitcoin.
"With just 7 days on the clock, seize the opportunity to bid on exclusive, unique, and impressive data. Open your wallets and be ready to buy exclusive data," said Rhysida on its Tor leak site.
Rhysida's attack against Abdali Hospital comes weeks after it admitted responsibility for targeting London-based King Edward VII's Hospital, the British Library, and China Energy Engineering Corporation.
Mounting intrusions from the group, which only emerged in May, has already prompted a joint advisory from the FBI and Cybersecurity and Infrastructure Security Agency that detailed the ransomware gang's indicators of compromise and tactics, techniques, and procedures.
BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .