NRS Healthcare reports ransomware attack

NRS Healthcare, a UK-based medical equipment supplier, has confirmed a ransomware attack by the RansomHub group.

The attack, which occurred in early April, was disclosed after RansomHub listed NRS Healthcare on its leak site, claiming to have breached the company on March 30 and stolen over 600,000 sensitive documents, including accounting, HR, financial reports, and contracts, totaling 578 GB of data.

The attack has taken all NRS Healthcare’s services offline, including phone lines, email, and websites, and has confirmed that data has been accessed, though initially believed to be only from an internal network and not core customer systems.

The gang is threatening to release thousands of the company’s documents if their demands are not met.

The company is implementing its business continuity plan, taken systems offline, and appointed external experts to investigate.

NRS Healthcare has not commented on the ransom demand nor has disclosed details of the attack, the impacted data or individuals.