First Nations Health Authority detected and interrupted attack by INC ransomware group

Posted on by Dissent
On May 22, INC ransomware added First Nations Health Authority to its leak site with screenshots as proof of claims. On the same day, First Nations Health Authority (FNHA) disclosed it is currently investigating a cybersecurity incident that it first detected on May 13.

“We took immediate action to investigate this activity and intercepted an unauthorized entity who had gained access to our corporate network. We immediately deployed countermeasures to block the unauthorized entity’s access and prevent any further unauthorized activity. There was no encryption of FNHA’s servers or systems as a result,” they state.

FNHA’s website notice explains that although the investigation is in its early stages, it has already uncovered evidence that certain employee information and limited personal information of others has been impacted. That statement is consistent with some of the screenshots posted by INC on their site.

“The ongoing investigation is the utmost priority for FNHA. We are working diligently, around the clock, to resolve this matter in a safe and secure manner,” they write.

INC has not made any comments about this incident on the leak site, and there is no indication whether there has been any contact or negotiation between the threat actors and FNHA.
Category: HackHealth DataNon-U.S.