Mediclinic targeted in alleged Everest ransomware attack
Cybersecurity researchers warn the alleged breach could expose employees to identity theft and fraud.
A ransomware group known as Everest has claimed responsibility for a cyberattack on Mediclinic, a private international hospital group with operations across multiple continents.
The cartel alleges it has stolen personal data belonging to 1,000 employees, along with 4GB of confidential internal documents. The group is now threatening to leak the stolen data unless it receives payment within five days.
Mediclinic operates across multiple countries, providing private healthcare services in South Africa, Namibia, Switzerland, and the UAE.
The company runs hospitals, clinics, and specialised medical facilities and reports annual revenue exceeding $5 billion, making it one of the largest players in the private healthcare sector globally.
Cybersecurity analysts warn that such breaches pose significant risks to staff, including the possibility of identity theft, fraud, or phishing campaigns using the stolen information. Internal documents could also expose the company to further cyberattacks or legal consequences.
Everest has been linked to BlackByte, a ransomware cartel allegedly affiliated with Russia, and has claimed a growing number of high-profile victims.
The gang recently alleged an attack on Coca-Cola and has previously targeted companies such as AT&T. According to Cybernews’ Ransomlooker tool, Everest has listed 248 victims since 2023.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!