The University Hospital New Jersey (UHNJ) in Newark, New Jersey, U.S., has paid a $670,000 ransom to prevent the publishing of 240 GB of stolen data, including patient info.
In September 2020, systems at the University Hospital New Jersey were encrypted with the SunCrypt ransomware. Threat actors leaked online a small portion of 48,000 documents, spanning 1.7 GB of data, out of 240 GB they claimed to have accessed.
This data leak included patient information release authorization forms, copies of driving licenses, Social Security Numbers, date of birth, and records about the Board of Directors.
To prevent further leaking of patient data, the hospital contacted the ransomware operators. The initial ransom demand was for $1.7 million. After negotiations, the hospital paid $672,744. The attackers then provided the decryption key.
The entry point was a phishing email sent to an employee, providing the attackers network credentials.
Read more about it here.