According to sources, Montgomery General Hospital (a medical organization in West Virginia) was hit with a cyber attack. It was first reported on 2023-04-02.

Source 1  |  2023-04-02

Employee and patient files from Montgomery General Hospital leaked by ransomware group

“D#nut Leaks ransomware group’s leak site about Montgomery General Hospital (MGH) in West Virginia. MGH is part of the Montgomery General Health Care System, Inc., which includes the hospital, Montgomery General Elderly Care, Montgomery General Extended Care, and Montgomery MedCorp, Inc.”

“D#nut Leaks had done more than add MGH’s name to their leak site. They had also dumped files from the hospital. DataBreaches asked how they gained access to MGH, the spokesperson answered, ‘via Microsoft Exchange exploit.’”

“Victims often do not respond to ransom demands or contacts from their attackers. In this case, MGH reportedly responded, and D#nut Leaks shared some chat logs with DataBreaches. The chat began on March 5 when someone showed up claiming to be a member of MGH’s executive team. D#nut’s negotiator (“d0nut”) told MGH "We are here to inform you that we have infiltrated your network and stayed there for 3 days (it was enough to study your documentation and gain access to your files and services). Also we have downloaded personal data related to your patients, employees and management. Since your business provides critical services and its infrastructure necessary for ordinary people health, we decided not to crypt or damage your network. But we still have downloaded sensitive data from there, so we could make a deal. We know that your IT team found us in your network, also we know that they installed Sentinel Antivirus to resist us. After few hours we removed this AV. At this point we made a decision not to damage your network, but to discuss this situation with your administration and negotiate about sensitive data we own from your network."”

“MGH did not make any counteroffer but asked for more information (an entire file tree and not just a partial one), a lower price, and more time. As we have seen in other cases, the hospital stated that as a non-profit, they could not afford what was demanded. The negotiator said they also had to go through specific processes to get board approval for expenses above a certain amount. There was no mention of any cyberinsurance.”
