Canadian dental service pays ransom in 8base ransomware attack

/in


A Canadian provincial government body tasked with providing dental services has paid a ransomware demand after having data stolen in an 8base ransomware attack.

The Alberta Dental Service Corp. said Aug. 10 that it detected the ransomware attack on July 26, when the body discovered that certain data pertaining to public dental benefits programs it administers was implicated in a recent cybersecurity incident. ADSC took measures to prevent authorized access and hired a third-party forensic firm. The corporation was also able to recover affected systems and data from backups with minimal loss.

It’s believed that the data of approximately 1.47 million individuals were compromised, including, in a small number of cases, personal banking information, with those having banking information stolen being offered complimentary credit monitoring services.

So far, the story sounds like a standard ransomware attack where the victim was fortunate to have proper backups and was able to restore service promptly, but then it gets interesting, since ADSC paid the ransom demanded by 8base.

IT World Canada reported that corporate president Lyle Best said in an interview on Friday that a payment was made as part of negotiations between the organization’s cyber insurance provider and forensic investigator. The 8base gang then showed proof the data was deleted as part of the deal.

The amount of the ransom paid was not disclosed. 8base has been active since March 2022 and uses a combination of encryption and “name-and-shame” tactics to force victims to pay a ransom.

According to a report issued by researchers from VMware Inc. in June, the gang operations have similarities to previous ransomware campaigns, suggesting a level of sophistication and experience despite the group’s recent emergence on the ransomware and hacking scene. Typical of most leading ransomware groups in 2023, 8Base operates a leak site where it discloses information about its victims and uses intimidation tactics to pressure victims into paying a ransom.

“This breach underscores the critical need for robust security measures in the healthcare sector,” Erfan Shadabi, a cybersecurity expert with data…

Source…