Inc. Ransomware has taken credit for the November cyberattack on Tri-City Medical Center in Oceanside, Calif., according to a report from Cyber News.
The threat group claimed responsibility on Dec. 7 and posted nine file samples of data on the dark web it says was stolen during the attack. The files include medical records, surgical authorizations and financial records from the hospital.
One of the documents appears to reveal the California Health Department bank account number that Tri-City used to transfer funds.
Inc. Ransomware is a "multi-extortion operation," according to the SentinelOne, a cybersecurity company, and has targeted healthcare organizations as well as education and government agencies. The group typically gains access to IT systems through phishing emails and then places ransom notes in folders with encrypted items. It also prints out the ransom note, which Tri-City reportedly experienced.