Private patient data leaked by ransomware group D#nut Leaks

By Brian Ward

After Montgomery General Hospital (MGH) failed to pay the ransomware group D#nut Leaks a $750,000 ransom on time, the group released patient and employee data it had stolen from the hospital on March 31, according to a report by DataBreaches.net. Leaked data included patient files, medical histories, diagnoses, treatments plans, test results, and patients insurance information. The leak also included information on past and present MGH employees, including Social Security numbers, and pay rates.

Interestingly, the theft became public after D#nut Leaks reached out to DataBreaches, explaining they had gained access to MGH’s systems via a Microsoft Exchange flaw. Normally, ransomware groups encrypt their victim’s entire system, locking the user out of their own files, then charge them a ransom to have their files unlocked. But in this case, D#nut Leaks only encrypted some of MGH’s files, claiming it didn’t hold all the files hostage this time because of the services the hospital provided.

“Since your business provides critical services and its infrastructure necessary for ordinary people health, we decided not to crypt or damage your network. But we still have downloaded sensitive data from there, so we could make a deal,” D#nut’s negotiator reportedly told MGH.

The hackers then demanded a $750,000 ransom to delete the copied information. When MGH failed to pay or make a counteroffer by D#nut Leaks deadline, the information was published on D#nut Leaks' website.