Kansas healthcare company hit by ransomware attack

COFFEYVILLE, Kan. (KSNW) — A Kansas healthcare company was struck by a ransomware attack. Medicalodges, Inc. is now one of two companies successfully targeted by the Karakurt Ransomware Extortion Group.

“This particular one is pretty ruthless. They are known to be pretty malicious in getting what they want, so they are not to be trifled with,” Bill Ramsey, the CEO of Soteria Technology Solutions, said.

Sources say the notorious group claims it has access to 170 GB worth of Medicalodges, Inc. data, including social security numbers, client NDAs, and medical diagnoses. The group also claims it will release at least 158 GB worth of that data on April 17.

“That would be the equivalent of just text data filling up about two-and-a-half CDs worth of data, which is significant,” Ramsey said.

According to a June 2022 FBI dossier on the group: “…some victims reported Karakurt actors did not maintain the confidentiality of victim information after a ransom was paid…”

In a statement to KSN News, Medicalodges, Inc. says:

“Medicalodges is investigating a recent cyber-incident that has impacted our organization. Immediately upon learning of the incident, our team acted quickly to investigate and secure our systems. We have engaged external cybersecurity experts to assist in our investigation and response efforts. Our investigation is ongoing, and we will share information as appropriate. We understand this situation may be concerning to our community, and we appreciate their patience as we continue our investigation with the assistance of our experts.”