A cancer patient sued Irish Hospital after a ransomware attack. Irish Examiner reported, Cork a solicitor acting on behalf of a middle-aged family man, received cancer treatment filed the first legal case over the leak of sensitive medical information on the dark web after the hospital suffered a ransomware attack earlier this year.
The man has chosen to remain anonymous, while acting on his behalf the solicitor has other clients in a similar situation waiting to get justice.
According to the solicitor, “My client wants to remain anonymous for now but has consented to his cause being publicized without any identifying information. He recently underwent a long course of treatment for cancer in the Mercy and got the ‘all clear’ just before the data breach. He cannot speak highly enough of the treatment he got in the Mercy, but is understandably worried about the events that unfolded.”
Earlier in May, the Irish public healthcare service(HSE) was hit by a major ransomware attack, resulting in IT systems being shut down across the nation. Many patients’ appointments were canceled, and doctors were not able to access electronic records.
The solicitor said, “The proceedings have been served. The next step along the way will be to seek further details of the ‘hack’ through the discovery process in the courts.”
The ransomware attack leaked sensitive information related to 520 patients. This information was published by the hacking gang online alongside documents related to health service meetings and correspondence.
The Conti cybercrime group behind the ransomware attack resulted in knock-on effects on services, equipment, and access to patient records.
According to HSE chief executive Paul Reid, the cost of the attack could rise to €500,000m due to the significant capital costs in replacing infected devices.
The threat actors demanded $20 million as ransom to be paid in bitcoin. Though the HSE and the government refused to pay.
It is not going to help the hospitals to fight court cases, instead, they are better off focusing on their cybersecurity.