Texas-based Methodist McKinney Hospital has been threatened by the Karakurt hacking group to have information regarding data stolen from its servers, according to CBS News.
Karakurt hackers have claimed exfiltrating 360GB of files from Methodist McKinney, as well as two of its surgical centers, including patient cards, prescription scans, invoices, accounting, contracts, and financial documents.
Cybersecurity experts have praised Methodist McKinney's decision not to pay the ransom demanded by Karakurt.
"I think it was absolutely the right call. Had the hospital paid, it had no guarantees that the data would have been deleted," said Emsisoft Threat Analyst Brett Callow.
However, the incident should prompt healthcare providers to strengthen their defenses, with data breaches already having impacted more than 50 hospitals across the U.S. so far this year.
"They absolutely need to do more. Most attacks like this are preventable; they occur because of security weaknesses," said cybersecurity expert Andrew Sternke.
BleepingComputer reports that Knight ransomware was observed by KELA threat analysts to have the third iteration of its source code posted for sale by the operation's representative, Cyclops, on RAMP forums.