US to return $500K healthcare providers paid in ransom to North Korea hackers

The federal government recovered $500,000 that two hospitals paid as ransom to North Korean hackers and plans to return the funds, according to a July 19 U.S. Justice Department statement.

Court documents show the hackers installed Maui ransomware on an unnamed Kansas-based medical center to encrypt files and servers. The hospital notified the FBI and paid $100,000 in bitcoin to regain computer access. Federal investigators traced the payment to China-based money launderers, according to the Justice Department.

In April, the FBI identified $120,000 bitcoin payment in a seized cryptocurrency account and confirmed that a medical provider in Colorado had paid it after being hit by the same Maui ransomware used at the Kansas medical center. The FBI seized the contents of the two cryptocurrency accounts in May and began the process of retrieving the funds so they could be given back to the healthcare providers.


Copyright © 2022 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars