{
	"id": "59488b3a-00f0-4eb2-a056-1c6a103d7916",
	"created_at": "2026-04-06T03:36:54.000512Z",
	"updated_at": "2026-04-10T03:20:04.197627Z",
	"deleted_at": null,
	"sha1_hash": "40ef280ca1f89c96f6d979bb601cbd337df605ce",
	"title": "FBI: Conti ransomware attacked 16 US healthcare, first responder orgs",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1503546,
	"plain_text": "FBI: Conti ransomware attacked 16 US healthcare, first responder orgs\r\nBy Sergiu Gatlan\r\nPublished: 2021-05-21 · Archived: 2026-04-06 03:13:39 UTC\r\nThe Federal Bureau of Investigation (FBI) says the Conti ransomware gang has attempted to breach the networks of over a\r\ndozen U.S. healthcare and first responder organizations.\r\nThe info was shared via a TLP:WHITE flash alert issued Thursday to help system admins and security professionals defend\r\ntheir orgs' networks against future Conti attacks.\r\nAt least 16 organizations targeted\r\n\"The FBI identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first responder networks, including\r\nlaw enforcement agencies, emergency medical services, 9-1-1 dispatch centers, and municipalities within the last year,\" the\r\nFBI Cyber Division said.\r\nhttps://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\n\"These healthcare and first responder networks are among the more than 400 organizations worldwide victimized by Conti,\r\nover 290 of which are located in the U.S.\"\r\nAccording to the FBI, Conti ransom demands are custom-tailored to each victim, with recent ones being as high as $25\r\nmillion.\r\nAdditionally, if the ransom is not paid within eight days, Conti ransomware operators would also contact their victims using\r\nVoice Over Internet Protocol (VOIP) services (a tactic also used by Doppelpaymer and other groups) or encrypted email\r\nservices.\r\nVictims are urged to share information on Conti ransomware attacks that hit their networks to help the FBI prevent future\r\nattacks and identify the gang members' identities.\r\nCyber attacks targeting networks used by emergency services personnel can delay access to real-time digital\r\ninformation, increasing safety risks to first responders and could endanger the public who rely on calls for service\r\nto not be delayed. [..] Targeting healthcare networks can delay access to vital information, potentially affecting\r\ncare and treatment of patients including cancellation of procedures, rerouting to unaffected facilities, and\r\ncompromise of Protected Health Information. — FBI Cyber Division\r\nThe Conti ransomware gang\r\nConti ransomware is a private Ransomware-as-a-Service (RaaS) operation believed to be controlled by a Russian-based\r\ncybercrime group known as Wizard Spider.\r\nConti shares some of its code with the notorious Ryuk Ransomware, whose TrickBot distribution channels they started using\r\nafter Ryuk activity decreased around July 2020.\r\nThis ransomware gang has recently breached the networks of Ireland's Health Service Executive (HSE) and Department of\r\nHealth (DoH), asking the former to pay a $20 million ransom after successfully encrypting its systems.\r\nEven though the DoH was able to block Conti from encrypting its systems, the HSE was not as lucky and was had to shut\r\ndown all I.T. systems to prevent the ransomware from spreading through its network.\r\nFollowing the attack on Ireland's public healthcare system, the Conti gang released a free decryptor for the HSE but warned\r\nthat the 700 GB of data stolen from their network will still be released or sold.\r\nThe U.S. government previously warned the healthcare industry of ransomware targeting hospitals and healthcare providers\r\nin October 2020, after Ryuk operators took down the computer and phone systems of Fortune 500 hospital and healthcare\r\nservices provider Universal Health Services (UHS).\r\nhttps://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/\r\nhttps://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs/"
	],
	"report_names": [
		"fbi-conti-ransomware-attacked-16-us-healthcare-first-responder-orgs"
	],
	"threat_actors": [],
	"ts_created_at": 1775446614,
	"ts_updated_at": 1775791204,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/40ef280ca1f89c96f6d979bb601cbd337df605ce.pdf",
		"text": "https://archive.orkl.eu/40ef280ca1f89c96f6d979bb601cbd337df605ce.txt",
		"img": "https://archive.orkl.eu/40ef280ca1f89c96f6d979bb601cbd337df605ce.jpg"
	}
}