RansomHub Ransomware Hits BIG Pharmacy Exposing Data Vulnerabilities
RansomHub Ransomware Attack on BIG Pharmacy: A Detailed Analysis
BIG Pharmacy, a leading retail pharmacy chain in Malaysia, has recently fallen victim to a ransomware attack orchestrated by the notorious RansomHub group. This incident highlights the vulnerabilities faced by large enterprises in the healthcare sector, particularly those with extensive digital operations.
About BIG Pharmacy
Founded in 2006, BIG Pharmacy Healthcare Sdn Bhd has grown to become a prominent player in Malaysia's healthcare market. With over 270 outlets nationwide, the company offers a wide range of healthcare services and products, including medications, health consultations, and wellness products. The company's recent merger with Caring Pharmacy Group Bhd aims to expand its market share and enhance service delivery. BIG Pharmacy's commitment to digital innovation is evident through its mobile application, BIG Pharmacy 2.0, which facilitates online consultations and e-prescriptions.
Attack Overview
The RansomHub group claims to have infiltrated BIG Pharmacy's systems and exfiltrated approximately 50 GB of sensitive data. The stolen data includes clinical laboratory reports, medical certificates, prescriptions, and invoices, posing a significant threat to patient confidentiality. The attackers have set a ransom payment deadline of October 22nd and have already leaked a sample of the stolen data to substantiate their claims.
RansomHub's Modus Operandi
RansomHub, a Ransomware-as-a-Service (RaaS) group, emerged in February 2024 and quickly established itself as a formidable threat in the cyber landscape. Known for its aggressive affiliate model, the group employs double extortion tactics, combining data encryption with exfiltration to pressure victims into paying ransoms. RansomHub's ransomware is optimized for speed and efficiency, targeting cross-platform systems and exploiting vulnerabilities in unpatched software.
Potential Vulnerabilities
BIG Pharmacy's extensive digital operations, including its mobile application and online services, may have exposed it to cyber threats. The company's rapid expansion and integration of digital solutions could have created potential entry points for threat actors. RansomHub's use of phishing campaigns and vulnerability exploitation, particularly in unpatched systems, underscores the importance of comprehensive cybersecurity measures for enterprises in the healthcare sector.