OK: Saint Francis Investigating Hack by Seeming TDO Copycats
Well, Saint Francis Health System ignored multiple inquiries from me about the alleged hack I reported on recently, but now they’ve apparently issued a statement. Amy Slanchik of Newson6 in Oklahoma reports, in part:
Roberts said after working with forensics investigators, they discovered the information taken from the server appears to be a list of about 6,000 names and addresses. She said Social Security numbers, driver’s license and financial information are not included on the list.
The hospital disabled the server and discussed the situation with law enforcement and decided not to act on the demand for payment.
Read more on NewsOn6.
The hospital’s statement, below, indicates that those affected are being offered complimentary credit monitoring services. For names and addresses? That seems a bit unnecessary, but it’s also somewhat bizarre that anyone would try to issue a ransom demand of 24 BTC (approximately $14,400) for 6,000 names and addresses. And why would the hackers take just names and addresses if they had access?
This is just so not TheDarkOverlord’s methods or style. As I reported previously, this appears to be other hackers trying to capitalize on TDO’s name. Two parties have now told me that TDO really had nothing to do with this hack, and I tend to believe that.
Hopefully, the names and addresses really will turn out to be all they acquired, but sometimes forensics uncovers other things as examination continues.