The Florida Department of Health, the first accredited public health system in the United States, has reportedly fallen victim to a ransomware attack by the notorious RansomHub group. The attackers claim to have accessed a staggering 100 GB of organizational data and have threatened to publish the stolen information within the next three to four days.
The implications of such a breach are potentially devastating, given the sensitive nature of the data held by the Florida Department of Health. The organization is responsible for a wide range of public health services, from disease prevention and health promotion to emergency preparedness and response. A data leak of this magnitude could expose personal health information, disrupt health services, and undermine public trust in the state’s health system.
UNCONFIRMED: NTT DATA Romania Data Breach
Simultaneously, NTT DATA, a global leader in business and technology services, has also been targeted by RansomHub. The group claims to have accessed 230 GB of data from the Romanian division of NTT DATA, with plans to publish it within the same timeframe of three to four days.
NTT DATA Romania is a critical player in the IT and business solutions sector, providing services that include consulting, system integration, and IT infrastructure management. A breach of this scale could have severe repercussions, affecting not only the company’s operations but also the clients it serves across various industries.
The Cyber Express Outreach and Unverified Claims
The Cyber Express Team has reached out to both the Florida Department of Health and NTT DATA Romania to verify the claims made by RansomHub. As of the writing of this report, no official responses have been received from either organization, leaving the claims unverified.
However, if these claims are proven to be true, the ramifications could be extensive. Data breaches of this nature can lead to significant financial losses, legal consequences, and reputational damage for the affected organizations. Moreover, the compromised data could be used for malicious purposes, further endangering individuals and businesses.
Historical Context of RansomHub’s Activities
This latest attack is part of a series of high-profile cyberattacks attributed to RansomHub and other ransomware groups in recent months. In June 2024, RansomHub, along with RansomHouse, allegedly carried out three major cyberattacks in Italy within 24 hours. The targeted entities included the websites of Cloud Europe and Mangimi Fusco, with RansomHouse claiming responsibility for a cyberattack on Francesco Parisi.
In May 2024, RansomHub claimed responsibility for a cyberattack on Christie’s auction house. This attack disrupted Christie’s website just days before its marquee spring sales and led to the leaking of data that allegedly included information about some of the world’s wealthiest art collectors. Despite the severity of the claims, Christie’s officials downplayed the breach, stating that no financial or transactional data had been compromised.
Additionally, in the same month, RansomHub was implicated in a cybersecurity incident involving United Health. This incident was part of the ALPHV ransomware group’s final breach and exit scam, which involved a significant payment of $22 million.
As the situation unfolds, it is crucial for the affected organizations, the Florida Department of Health and NTT DATA Romania, to respond promptly and transparently.
For now, the claims by RansomHub remain unverified. The Cyber Express Team will continue to monitor the situation and provide updates as more information becomes available.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
