Bill Goodwin has an important update on the Maze ransomware group’s attack on a London entity that does clinical pharmacology testing. I had blogged about the attack on this entity after Maze went back on their public pledge to stop all activity against the medical sector. Although Maze had attacked the facility before their pledge, they dumped some of their data containing personally identifiable information publicly days after their public pledge. Some researchers — and journalists — responded with predictable reactions. In response to the pressure, or pleas, Maze team then removed the data files from public view, but did not publicly state that they would give the entity the encryption keys.
Bill Goodwin reports that happily, the entity was able to restore their systems without Maze’s help or keys. And yes, they are on standby to help with the COVID-19 testing.
HMR said that IT staff discovered a “severe attack” in progress on Saturday 14 March, but were able to halt it and restore its computer systems and email by the end of the day.
“We repelled [the attack] and quickly restored all our functions. There was no downtime,”said Malcolm Boyce, managing and clinical director and doctor at HMR, adding that the organisation had “beefed up” its defences substantially.
Read more on ComputerWeekly.