Nova threatens to release Clinical Diagnostics’ stolen data, even though the ransom was paid

Published: 19 August 2025
Last updated: 19 August 2025
clinical diagnostics ransomware paid crypto coins
Image by Cybernews.

Nova, the group of cybercriminals who stole the medical data of hundreds of thousands of participants in health screenings, is threatening to leak and sell that data.

On its website on the dark web, Nova states that Clinical Diagnostics has violated the deal, although the ransomware operation doesn’t specify which agreement it’s referring to. Therefore, the threat actor is now threatening to leak all the exfiltrated data by August 28th.

Furthermore, Nova claims to have found a “leaker partner” who’s willing to buy the complete dataset of 300 gigabytes for 11 BTC, which is approximately €1.1 million euros.

ADVERTISEMENT
ssd eleven bitcoin data price
Image by Cybernews.

“If your price was higher or same we will stop deal with him, as we provide decryptor for you company we can stop leak operation, but make high payment and don’t break deal law,” Nova’s updated statement says in poorly written English.

Last week, the Centre for Population Screening, an institution that conducts healthcare studies in the Netherlands, announced that the personal and sensitive information of 485,000 participants in a cervical cancer screening program had been stolen.

The attackers managed to get hold of personal and sensitive information, including full names, addresses, dates of birth, citizens’ service numbers (BSN), test results, and the names of the participants’ healthcare providers from an external research lab.

Z-CERT, the Computer Emergency Response Team for the healthcare sector in the Netherlands, confirmed that the data breach also infected several other healthcare providers, including general practitioners and hospitals. The names of a Minister and a Member of Parliament were included in a sample of the stolen data.

Nova’s most recent message seems to have come out of the blue. The group of cybercriminals, as well as an anonymous source at Clinical Diagnostics, had confirmed that a ransom was paid. Normally, this means that the stolen data is secured and won’t be leaked publicly.

This could mean that Clinical Diagnostics didn't pay enough ransom, which is suggested in Nova’s statement on the dark web. Or perhaps Clinical Diagnostics is being punished for contacting and involving law enforcement authorities to handle the data breach.

ADVERTISEMENT


Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT