University Hospital New Jersey (UHNJ) is apparently the most recent victim of the SunCrypt ransomware. The operators behind SunCrypt claim to have obtained 240GB of data, 1.79GB of which has been uploaded to their darknet leaks site. In the uploaded data that Bleeping Computer has already analyzed, an alarming amount of sensitive information was seen. The dump included patient information release forms containing patient names, dates of birth, Social Security numbers, residential addresses, telephone numbers, and signatures. The stolen data dates as far back as August 2012 and is as recent as November 6th, 2019. In a number of instances, scans of patients’ driver’s licenses were also attached to the documents. Detailed information from the hospital’s board of directors was also included in the breach, along with information about the board’s meetings and a schedule of upcoming board meetings.