LockBit Backtracks Attack on SickKids Hospital

  |  Source: 

LockBit Backtracks Attack on SickKids Hospital

Category: Ransomware News | Industry: Healthcare | Level: Strategic | Source: SickKids

LockBit attempted to reverse damage from a ransomware attack against Toronto’s Hospital for Sick Children (SickKids) on December 18th, by providing the hospital with a free decryptor. The targeting of healthcare organizations is against the group’s rules, which were violated by a LockBit group member. Whilst only a few systems were impacted by the attack, the SickKids hospital suffered delays with patient care, imaging services and had issues with their payroll timekeeping system for staff. LockBit posted a response and apologized for the attack on the group’s blog site stating, “We formally apologize for the attack on sikkids[.]ca and give back the decryptor for free, the partner who attacked this hospital violated our rules, is blocked and is no longer in our affiliate program." The provided decryptor was only for a Linux/VMware ESXi decryptor and no Windows decryptor indicating the former affiliate member was only able to encrypt virtual machines on the SickKids computer network. The hospital released no response to LockBit’s apology and as of December 29th, the hospital announced they had restored services to 50% of impacted systems.

Get trending threats published weekly by the Anvilogic team.

Sign Up Now