Hackers break into Israeli hospital’s server, stealing patients’ personal information

The hackers broke into Mayanei Hayeshua’s computers last month and uploaded 402GB of sensitive patient information to the dark web today.

By World Israel News Staff

A hacker group calling itself “Ragnar Locker” broke into the internal drives of Mayanei Hayeshua Medical Center in Bnei Brak on August 8, shutting down the hospital’s computer system, the group revealed Wednesday.

While the National Cyber Directorate said at the time that the attack had been contained, the group apparently managed to collect hundreds of thousands of files of sensitive patient data, including treatment records and personal details such as IDs and patient photographs.

Last night, the group published 402GB of data to the dark web, accusing the hospital of not caring about the wellbeing of its patients.

“We tried to draw their attention to the network problems and invited them to a discussion. Instead of a dialogue, they started playing tricks on us, they even tried to catch us with phishing,” they claimed.

“Really guys, seriously? So after multiple attempts to contact the management of Mayanei Hayeshua, it became clear to us that the management does not care about the privacy of their patients.”

Read  'We want to stay here' - Gazans in Israel with hospitalized kids

The “discussion” the hackers alluded to appears to be an attempt to blackmail the hospital into paying a ransom in return for the stolen data. Instead of giving in to these demands, it appears the hospital and the National Cyber Directorate attempted to reveal the identities of the individuals behind the attack.

The attackers made further threats, vowing to release additional information taken during the August 8th data theft.

“Today we are publishing the first set of internal files, including personal information, internal emails, financial information, medical files and other very sensitive information. But that’s not all. In the next 3-4 days we will reveal the complete database and a huge collection of internal correspondence,” they warned.

In response, the hospital stated that in light of the blanket ban on the publication of any information revealed by the hackers, it couldn’t comment on the event, adding that it had returned to full operation since the initial attack, strengthened its cyber defense system, and was operating a “dedicated call center” to address patients’ issues with the regards to the break-in.