Hackers say Dutch lab paid ransom for stolen data; Laboratory won't confirm

The hacked Clinical Diagnostics laboratory in Rijswijk paid a ransom to prevent more stolen data from leaking to the dark web, Nova, the cybercriminal group that claimed the hack, told RTL Nieuws. A source within the laboratory also said the lab paid, but an official Clinical Diagnostics spokesperson wouldn’t confirm this, the broadcaster wrote.

Nova did not say how much the lab allegedly paid, but the hackers reportedly demanded millions of euros. Cybercriminal groups like Nova attack companies and organizations with ransomware, taking computer systems hostage and stealing data. They then extort the victim - pay a ransom, or your data will be leaked.

Nova hacked Clinical Diagnostics a month ago and published some of the data on the dark web on July 6. The leak includes patients' names, addresses, citizen registration numbers (BSNs), and test results.

Clinical Diagnostics is a laboratory used for all kinds of medical tests ordered by general practitioners, as well as the population screening for cervical cancer. The data breach affects 485,000 women who participated in the cervical cancer screening and around 50,000 patients sent for tests by their house doctor, including at least one Minister and one parliamentarian.

The laboratory declined to confirm to RTL Nieuws that it paid the ransom, but a line on its website suggests that it did: “We currently have no indications that the attacker will leak the copied data.”

If Clinical Diagnostics did pay the ransom, the chance is “extremely high” that the data will be deleted and no more will be published, cybersecurity expert Rickey Gevers told RTL Nieuws. It occasionally happens that stolen data ends up on the dark web after payment, but in the vast majority of cases, the cybercriminals delete the data. “These criminals had much more data and only published a small portion to increase the pressure, and with success.”