Iowa hospital discloses breach following Royal ransomware leak
Clarke County Hospital on Wednesday disclosed that it suffered a data breach, one month after the Royal ransomware gang claimed responsibility for the attack and used a brazen extortion tactic.
Security researchers spotted the Iowa-based critical access hospital on the Royal ransomware data leak site, where it was first listed on April 24. About a week later, security researcher Dominic Alvieri noticed that Royal operators had reposted the Clarke County Hospital (CCH) listing and were actively leaking data that included an alleged video of a patient collapsing.
CCH didn’t acknowledge an attack until May 17, when it issued a data breach notification that the attack “may have exposed” personal information of current and former patients.
“CCH has found no evidence that your i …