Illustration: JMiks | Shutterstock

Popular US healthcare network Kettering Health has announced that it suffered a cyberattack, causing a system-wide outage. The organisation has been cancelling patient procedures due to the outage.

Kettering confirmed the cyberattack in a statement on its website but hasn’t revealed the nature of the attack or whether or not patient data was stolen during the incident. It simply claimed that the company “experienced a system-wide technology outage which limited our ability to access certain patient care systems across the organisation.”

However, CNN reports that the Interlock ransomware gang is behind the attack and is currently threatening to release stolen information if the company doesn’t negotiate for a ransom. The following ransom note was also reportedly discovered on the encrypted devices:

Your network was compromised, and we have secured your most vital files

Candid.Technology did not see Kettering listed as a victim on major ransomware group sites at the time of writing. The BleepingComputer also reports that Interlock is yet to claim Kettering as a victim on its dark web data leak site.

To make matters worse, Kettering’s announcement also warns against scam callings from scammers impersonating Kettering Health team members and “requesting credit card payments for medical expenses.” The firm notes that while it’s usual for its employees to reach out to patients over the phone and discuss payment options for medical bills, it’ll not be making any calls to ask or recieve payment until further notice.

There’s no evidence to suggest that the scam calls and the cyberattack are linked, meaning this could be another threat actor taking advantage of the chaos. However, reaching out to customers would require access to internal company data, suggesting the ransomware gang behind the attack is likely attempting to target customers after breaching the organisation.