A recent ransomware attack on Kettering Health, a prominent network of hospitals, clinics, and medical centers in Ohio, has left the healthcare system in a state of turmoil. The cybercriminals behind the attack, identified as the Interlock ransomware group, have claimed responsibility for the breach and subsequent data theft.
Interlock, a relatively new player in the ransomware landscape, has been targeting healthcare organizations in the U.S. since September 2024. The group recently announced on its dark web site that they had successfully stolen over 940 gigabytes of data from Kettering Health, adding to the growing concern surrounding the attack.
CNN initially reported the breach on May 20, attributing it to Interlock. Typically, cybercriminals remain silent about their involvement in such incidents as they negotiate ransom payments with their victims. However, Interlock’s decision to publicly acknowledge their role in the attack suggests that negotiations have reached a standstill.
Despite the gravity of the situation, Kettering Health has maintained its stance of not paying the hackers any ransom. John Weimer, the senior vice president of emergency operations at Kettering Health, reiterated this position in a statement to local media outlets.
When contacted for comment, a spokesperson for Kettering Health declined to provide additional information. Similarly, Interlock did not respond to requests for comment sent to the email address listed on their dark web site.
An examination of the data published by Interlock reveals a range of sensitive information stolen from Kettering Health’s internal network. This includes private health data like patient names, numbers, and clinical summaries, as well as employee information and shared drive contents. Shockingly, the hackers also obtained confidential details of police officers affiliated with the Kettering Health Police Department.
In a recent update on the cyberattack, Kettering Health announced that they have successfully restored core components of their electronic health record system, powered by Epic, a leading healthcare software provider. This development marks a significant milestone in the recovery process, enabling the company to resume critical operations and ensure seamless patient care.
The aftermath of the ransomware attack on Kettering Health serves as a stark reminder of the growing threat posed by cybercriminals to healthcare organizations. As the healthcare system continues to grapple with the fallout of the breach, stringent cybersecurity measures and vigilance are more crucial than ever to safeguard sensitive data and protect patient privacy.