The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients.
Varian Medical Systems, Inc. designs, manufactures, sells, and services medical devices and software products for treating cancer and other medical conditions worldwide. It operates through two segments, Oncology Systems and Imaging Components.
The company is owned by Siemens Healthineers and has 3 billion dollar revenues.
“ALL DATABASES AND PATIENT DATA WAS EXFILTRATED AND PREPARED TO BE PUBLISHED ON THE BLOG” states the Lockbit gang on its TOR leak site.
Lockbit has fixed the deadline for the ransom payment on August 17, 2023.
If confirmed the incident could have a dramatic impact on the privacy of cancer patients. The company has yet to disclose the security incident.
This year other companies owned by Siemens suffered a security breach.
In April, Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, exposed sensitive data, including the company’s office plans and internet of things (IoT) devices.
In June, the Clop ransomware group added new victims of MOVEit attacks to its dark web leak site, including the industrial giants Schneider Electric and Siemens Energy. Both Schneider Electric and Siemens Energy provide Industrial Control Systems (ICS) that are used in critical national infrastructure worldwide.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Varian Medical Systems)