International Cyber Expo International Cyber Expo
  • About Us
Tuesday, 7 July, 2026
IT Security Guru
International Cyber Expo
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

REvil strikes Healthcare giant Grupo Fleury

Another healthcare provider suffers at the hands of Russian ransomware gang

by Beth Smith
June 25, 2021
in News
Xerox Corporation victim of Maze ransomware
Share on FacebookShare on Twitter

This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online. On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its systems were suffering an attack, but that the company was doing its best to remediate the damage. The message also stated that “the causes of this unavailability originated from the attempted external attack on [their] systems, which are having operations re-established with all the resources and technical efforts for the rapid standardization of services.” 

Since the disclosure, several cybersecurity sources have confirmed the attack was launched by the REvil ransomware gang, also known as Sodinokibi. “The Healthcare industry and healthcare supply chain are both one of the top three targeted sectors worldwide. Additionally, REvil are launching a lot of attacks at the moment, having hit a maritime organisation in Brazil earlier this month,” said Andy Norton, European cyber risk officer at Armis.  

We are in the midst of watching ransomware gangs become more sophisticated and daring, often targeting companies just to prove a point. Following the ransomware on the healthcare provider, Robert Golladay, EMEA and APAC director at Illusive, believes that the fact that a ransomware gang has gained access to such sensitive information is concerning. “While it is not clear whether personal data was exfiltrated or not, it is best for Fleury to take all necessary steps to alert potentially affected parties and provide advice on how to best prepare for socially engineered scams”, Golladay said.  

REvil is demanding $5 million for the decrypter key and the assurance that no vital information will be leaked online. The fact that Grupo Fleury contains massive amounts of personal and medical patient data, exacerbates its value and once again giving an example as to why healthcare facilities all over the world are being targeted. Norton states that “with a revenue of $500 million USD, the victim would also classify as “big game”, and therefore considered more likely to make a ransom payment.” 

Commenting on the story, Niam Muldoon, global data protection officer at OneLogin says that “cybercrime is a business so all should think of it the same way. Out of all the various types of cybercrime activities ransomware is the one activity that has a high direct return of investment associated with it, by holding the victims ransom for financial payment. Taking the global economic environment and current market conditions into consideration cyber criminals will of course continue to focus on their efforts to this revenue generating stream.”  

Ultimately, no organisations should consider themselves as safe from ransomware, especially not the healthcare sector. Cyber-criminals will not stop at a chance to exploit vulnerable and unprotected businesses for financial profit, which is why it is vital to have sufficient defences in place. Golladay suggests that “today’s threats make it essential to look for bad actors that might already be within the network, and this can be done by creating a hostile environment for an attacker and blocking lateral movement before critical systems are compromised.” 

ShareTweet
Previous Post

PS3 users reportedly banned from their accounts as a result of possible data breach

Next Post

New study from Armis reveals majority of UK workforce think cyberattacks will have major impact on everyday life

Recent News

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

Mike Winston on Why Jet.AI Shifted From Aviation to AI Infrastructure

July 7, 2026
George Murnane’s One-Question Test for Real AI

George Murnane’s One-Question Test for Real AI

July 7, 2026
Registration Now Open for International Cyber Expo 2026

Registration Now Open for International Cyber Expo 2026

July 7, 2026
Forescout

Forescout recognised by NATO for cybersecurity capabilities across IT and OT environments

July 7, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2026 IT Security Guru - Website Managed by Dessol