Over 100 California Auctions End Today - Bid Now

Siemens Healthineers opens investigation into LockBit breach that included Varian patient data

by John R. Fischer, Senior Reporter | August 22, 2023
Cyber Security Health IT
Siemens Healthineers is investigating a data breach of Varian by LockBit.
Hackers affiliated with the LockBit ransomware group have infiltrated medical systems manufactured by Varian, a Siemens Healthineers company, gaining access to patient data.

The attackers listed Varian on its leak website on August 7, and gave it a deadline of August 17 to negotiate a ransom to avoid "all databases and patient data" being published on LockBit’s blog,” reported Tech Monitor.

According to reports, the data impacted by the attack is confined to a single hospital in Seoul, South Korea.
DOTmed text ad

New Fully Configured 80-slice CT in 2 weeks with Software Upgrades for Life

For those who need to move fast and expand clinical capabilities -- and would love new equipment -- the uCT 550 Advance offers a new fully configured 80-slice CT in up to 2 weeks with routine maintenance and parts and Software Upgrades for Life™ included.

In a statement to HCB News, a spokesperson for Siemens Healthineers, which acquired Varian in 2021, said the company is investigating the incident and has “comprehensive measures in place to mitigate cybersecurity risk."

LockBit did not publicly specify how much it was seeking from Varian for the return of its information, and it was not clear how it breached the network, or how much data it stole.

The attack is one of several that LockBit has recently launched within the healthcare industry. On August 17, it listed United Medical Centers as one of its victims, a healthcare provider in Southwest Texas which previously said it was “experiencing technical difficulties” with its network and “actively addressing the issue to restore normal operations as swiftly as possible,” according to Recorded Future News.

But Jon DiMaggio, chief security strategist at Analyst1 who infiltrated and communicated with members of the group, told Recorded Future News that LockBit’s backend infrastructure and lack of available bandwidth has made it harder to publish data and forced the organization to rely more heavily on its reputation to scare victims into paying ransoms rather than its actual capabilities.

“Affiliates are leaving LockBit’s program for its competitors. They know that LockBit is unable to publish large amounts of victim data, despite its claims,” he said.

You Must Be Logged In To Post A Comment