Interlock Ransomware Targets Texas Tech University Health Sciences Center
A relatively unknown ransomware group, Interlock, has reportedly targeted the Texas Tech University Health Sciences Center, posing a significant threat to the personal data of over 1.46 million patients. The gang claims to have infiltrated the institution’s network in September 2024, exfiltrating more than 2.1 million files, amounting to a staggering 2.6 terabytes of sensitive data. Among the stolen information are full names, dates of birth, physical addresses, social security numbers, driver’s licenses, financial details, as well as health records and billing information.
The attack was first publicly acknowledged by Texas Tech in an official statement issued in October 2024. By November, the threat actors claimed to have sold a portion of this stolen data on the dark web, making it available for purchase by malicious actors.
In response to the breach, Texas Tech has begun notifying the 1.4 million impacted patients, urging them to remain vigilant about the potential risks of identity theft, phishing, and other social engineering attacks. The university is also advising patients to monitor their credit scores closely, as well as any health insurance billing statements, as the stolen data could be used to manipulate these systems in the future.
This breach serves as another stark reminder of the growing cybersecurity threat faced by healthcare institutions, and the significant impact such breaches can have on patient privacy and security.
Telecom Namibia Falls Victim to Hunters International Ransomware Gang
Ransomware attacks continue to escalate globally, and the festive season of 2024 has proven no exception. In a recent incident, Telecom Namibia, a government-funded telecommunications network in Namibia, became the latest victim of a cyberattack by the notorious Hunters International Ransomware Gang (formerly known as Hive Ransomware). This breach appears to have been particularly damaging, with the hackers gaining access to sensitive personal information related to key government officials, including elected members of parliament.
When Telecom Namibia refused to meet the attackers’ ransom demands, the hackers escalated their efforts by leaking a portion of the stolen data on the dark web last Friday. This move is typical of ransomware gangs, who often release small samples of stolen information to apply pressure on the victim and demonstrate the seriousness of their threat. The leaked data includes personally identifiable information (PII), home addresses, and financial details of several high-ranking officials, amplifying the severity of the breach.
In addition to releasing this information on the dark web, the hackers have also utilized encrypted messaging platforms like Telegram to further distribute the sensitive data. The goal is clear: to maximize the pressure on Telecom Namibia while profiting from the sale of the stolen data to interested parties.
This attack highlights the vulnerability of government-affiliated entities to cybercrime, as well as the increasingly aggressive tactics employed by ransomware groups. It also underscores the importance of robust cybersecurity measures for organizations in sensitive sectors, particularly those holding vast amounts of personal and governmental data. As the situation develops, both Telecom Namibia and the Namibian government will likely face significant challenges in mitigating the fallout from this breach.