Baltimore Medical System (BMS), a federally funded US health system, has been claimed by a hacker gang. The attackers claim they’ve stolen several terabytes of data from the healthcare provider, which mostly operates in underserved areas.
BMS was posted on the Brain Cipher ransomware cartel’s dark web blog, which it uses to showcase its latest victims. Since attackers made the data public, it is highly likely that the healthcare network refused to or couldn’t meet the attackers’ ransom demands.
We have reached BSM for comment and will update the article once we receive a reply.
BSM is the largest Federally Qualified Health Center (FQHC) in the state of Maryland, serving around 90,000 patients. The organization operates several community health centers and other facilities.
The Cybernews research team has investigated the attackers’ dark web post and noticed several data samples, some weighing over 800GB. According to the team, the files’ naming conventions and sizes strongly suggest that attackers dumped several BMS servers. The information very likely contains user details, file system backups, and database backups.
In theory, the stolen data could enable attackers to carry out medical identity theft and insurance fraud. In these cases, the attackers could impersonate individuals to obtain prescription drugs. And if the stolen information includes patient histories, it could lead to cases of blackmail.
What makes matters worse is that medical and biometric data are non-recoverable, which means that, unlike passwords or credit cards, users cannot change their medical histories once they've been compromised.
The attackers behind the alleged data breach, Brain Cipher, are relatively new to the ransomware game, having first been spotted in mid-2024. However, the group has already made waves targeting behemoths like Deloitte.
The gang targets multiple critical industries and governmental organizations and engages in multi-pronged extortion. It posts victims on its TOR-based data leak site, and its malicious payloads are based on the LockBit ransomware strain.
According to Cybernews’ dark web monitoring tool, Ransomlooker, Brain Cipher has victimized at least 30 organizations since starting operations.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked