Skip to content

Interlock ransomware claims Kettering health attack

  • by
  • 2 min read

Weeks after US healthcare network Kettering Health announced that it suffered a cyberattack, ransomware group Interlock has claimed responsibility for the attack. Kettering was left dealing with a system outage due to the attack, confirmed it had been targeted, but didn’t reveal additional information at the time.

While the healthcare firm didn’t reveal who was behind the attack, CNN reported that it was Interlock. The group was reported to be threatening Kettering to release stolen information if a ransom wasn’t paid. It seems that any ongoing negotiations between the hackers and the firm have broken down as Interlock has finally claimed the attack on Kettering and listed them on their leak site, according to BleepingComputer.

The cybercriminals claim they have stolen 941 GB of data from the healthcare organisation, including 20,000 folders and 732,489 documents containing sensitive information, including:

  • Bank reports
  • Payroll information
  • Patient data
  • Pharmacy and blood bank documents
  • Kettering Health police personnel files
  • Scans of identity documents, including passports
Illustration: jmiks | shutterstock
Illustration: JMiks | Shutterstock

Shortly after the attack, Kettering had also warned patients of scam calls from individuals impersonating the company and looking to take advantage of the situation by tricking patients into giving up credit card information. While the scam and ransomware attack can be two separate incidents, if Interlock ends up selling this information to the wrong people, these scam calls will be the least of Kettering’s patients’ worries.

Interlock is a relatively new ransomware group that came up in September 2024, already having claimed dozens of victims around the world. The group usually targets healthcare organisations, which are becoming an increasingly beneficial target for similar cybercrime groups due to their fast-paced nature and reliance on computer systems. Additionally, hospitals and healthcare organisations often have highly sensitive data stored on thousands of patients at once, so even if they refuse the ransom payment, the ransomware operators still have a good chance to make money by selling the stolen data.

In the News: Online grocery shop KiranaPro hacked; AWS and GitHub code wiped

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

Related Reads

This is an image of dprk north korea flag

US sanctions North Korean hacker for running fraud IT worker scheme

This is an image of ransomware 32988sd

M&S confirms April cyberattack was ransomware

This is an image of macbook pro featured 123

Novel North Korean macOS malware found targeting Web3, crypto platforms

This is an image of dark web hacker security

Chinese hacker linked to Silk Typhoon arrested in Italy

Illustration: jmiks | shutterstock

New ransomware gang found terrorising Windows and Linux PCs

Top 25 call of duty (cod) wallpapers every gamers should check out

COD WWII hacked; PC version taken offline

>