The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.
In a post yesterday, the cybercriminals shared multiple images containing medical details and said that they would leak data "soon," unless the NHS pays a ransom.
Scotland's NHS is the country’s public health system, providing services ranging from primary care, hospital care, dental care, pharmaceutical, and long-term care.
INC Ransom is a data extortion operation that emerged in July 2023 and targets organizations in both the public and the private sector. Among the victims are education, healthcare, and government organizations, and industrial entites like
Yamaha Motor.
Reports about a cybersecurity incident disrupting NHS Scotland services appeared on March 15, likely when the attack occurred.
In yesterday's post, the threat actor published several sample documents with sensitive information about doctors and patients, including medical assessments, analysis results, and psychological reports.
