The Snake ransomware group has been actively targeting and attacking organizations all over the world. One of the more recent attacks saw them gain access to records belonging to the European private hospital operator, Fresenius. Patient data that was stolen in the attack is available on a paste website and the threat actors from Snake claim that there is “more to come.” The data revealed so far appears to have come from a medical facility in Serbia. Information included in the paste includes first and last names, gender, birth date, the nationality of the patient, profession, postal address, phone number, as well as next of kin details. A small amount of medical data included name and phone number of the general practitioner, notes on allergies, test results, and doctor’s observations regarding the treatment. Earlier in May, Bleeping Computer received a photo from the Snake group which appeared to be the database belonging to Fresenius which they planned on sharing publicly at a later time.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in