Netwalker, a ransomware operator that threatens to publish data online if ransoms aren't paid, hacked Springfield, Pa.-based Crozer-Keystone Health System and is auctioning off its data online, according to Cointelegraph.
The ransomware gang is selling the stolen data from Crozer-Keystone through its darknet website and said it will leak the data if it is not purchased at auction within six days, according to the June 19 report.
In a June 22 emailed statement to Becker's Hospital Review, a Crozer-Keystone spokesperson said the health system is currently conducting a full investigation of the incident and worked with cybersecurity professionals across its organization in response to the issue.
"After quickly identifying a recent malware attack, the Crozer-Keystone information technology team took immediate action and began remediating impacted systems," the spokesperson said. "Having isolated the intrusion, we took necessary systems offline to prevent further risk."
Cointelegraph was able to access Netwalker's alleged publication on June 19, which showed "dozens of folders with an undisclosed amount of data, mostly concerning finances, but nothing related to medical records of patients," according to the report. Netwalker claimed Crozer-Keystone declined to pay for the ransom the group demanded in Bitcoin.