Russian medical lab suspends some services after ransomware attack

Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company's systems over the weekend.

According to a statement the lab issued Monday, hackers attempted to infect the company's systems with ransomware. The company told Russian state-owned news agency Tass that its tech team partially restored the functionality of its website, mobile app and other e-health services without paying a ransom.

No customer personal data was leaked during the hack, according to Helix, but the company couldn’t deliver medical test results to its customers on time due to service disruptions.

As of Tuesday, some customers have received test results but many others complain on the company's official Telegram channel that they have not received results and seek refunds. Some commenters said they needed their test results prior to hospitalization, or were seeking COVID-19 tests.

To prevent similar cyberattacks in the future, the company has reset all customer passwords and strengthened its security protocols, it said. Aleksandr Luganskiy, the head of the information security department at Helix, told Tass that the need to involve law enforcement agencies will be determined based on an investigation’s findings.

Helix did not respond to a request for comment by the time of this story’s publication.

It is unclear which group is responsible for the cyberattack and whether the hackers are financially or politically motivated.

Earlier in May, a group of pro-Ukrainian hackers stated that they had stolen 14 terabytes of data from the Russian medical laboratory chain Citilab. The group released personal information of around 500,000 people, including names, dates of birth, phone numbers, and email addresses, allegedly as a warning to the company.

According to DLBI, a company specializing in data intelligence, the published data is authentic. It is currently unclear whether Citilab has made any contact with the hackers regarding the data leak.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Daryna Antoniuk

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.