A cyberattack targeting MedOrderOne, a provider of prescription systems used in clinics and hospitals, is disrupting operations at several healthcare facilities this morning. The Cyber Popular Army group has claimed responsibility for the operation, stating that it compromised the vendor and then affected clients “indirectly,” notably through an update mechanism.
According to several sources consulted, crisis teams have already activated continuity measures, switching to paper-based procedures for the medication management process in the most sensitive departments while assessing the true extent of the incident.
Publication of samples attributed to healthcare facilities
Cyber Popular Army has published what it presents as data samples originating from several healthcare institutions. Among the excerpts released is one attributed to the private Aureviano clinic:
Aureviano – Patient extract
Patient_ID : AU-1049832
Name : M******, L****
Date of birth : 1984–
Department : Emergency
Prescription : Amoxicillin 1g — 1 dose / 8h
Date/time : 06:58
CyberDigitalNews is not in a position to independently confirm the exact origin of this file at the time of publication. However, the nature of the fields shown suggests the potential exposure of personal data and health data, which are particularly sensitive for such institutions.
Ransom and threat of disclosure
The group says it is demanding a ransom set at €3,500,000, accompanied by a threat to progressively publish additional batches of data in the event of non-cooperation. The targeted organizations are invited to make contact through an encrypted channel mentioned by the group.