On Sunday night, September 27th, reports of a possible ransomware attack began to appear on Reddit from people who work for Universal Health Service (UHS), a company operating over 400 healthcare facilities in the US and the UK. Some of the employees reported that files were being renamed using the file extension “.ryk” which has been associated with the Ryuk ransomware in the past. Another report described the ransom demand in a file named “RyukReadMe.html” that contained email addresses on the protonmail.com service to communicate with the attackers. Affected hospitals are across the US including in California, Florida, Texas, Arizona and Washington, D.C., where hospital employees report that phones and critical computer systems providing patient information including old labs, EKGs and radiology studies are down. According to some reports, employees were told to shut down all systems to block the attackers from gaining control of more computers. UHS has made no official statement yet regarding the attack.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.