Russian hackers plan to release data stolen from McKinney hospital onto dark web
McKINNEY, Texas (CBSDFW.COM) — Tonight, an unknown number of North Texans should prepare for their personal information to be sold on the dark web.
Russian hackers say they plan to release information on data files stolen from the servers at Methodist McKinney Hospital and two of its nearby surgery centers.
Cyber security experts like Andrew Sternke and other threat analysts say the hospital's decision not to pay ransom was the correct one.
"This group will release it out there on the dark web, basically selling the information," said Sternke. "This group had just basically stolen information versus locking down the whole system with the ransomware attack."
Brett Callow, a threat analyst, agreed. "I think it was absolutely the right call. Had the hospital paid, it had no guarantees that the data would have been deleted."
Among the 360 gigabytes of files the Karakurt hackers claim to have include invoices, contracts, accounting, prescription scans, patient cards, and financial documents including audits.
Methodist McKinney has not commented beyond a statement urging its patients to watch for fraud by "...reviewing your account statements, explanation of benefit forms, and monitoring your free credit reports for suspicious activity and to detect errors."
We trust hospitals with our most sensitive personal information.
Yet security experts tell us more than 50 hospitals across the US have had data stolen by hackers this year alone.
Sternke said, "They absolutely need to do more. Most attacks like this are preventable; they occur because of security weaknesses."
Patients and their family members we spoke with outside the hospital tell us off camera they're concerned and monitoring their credit.
Experts say at this point, there's little more they can do.