{
	"id": "e074f769-276c-417e-acfb-830450d9cb7c",
	"created_at": "2026-04-06T00:09:06.436359Z",
	"updated_at": "2026-04-10T03:22:13.011199Z",
	"deleted_at": null,
	"sha1_hash": "412084847f4bf708ccabf4aa39931ac90c20df00",
	"title": "Hackers claim to publish prominent Israeli hospital’s patient data",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 97035,
	"plain_text": "Hackers claim to publish prominent Israeli hospital’s patient data\r\nBy Daryna Antoniuk\r\nPublished: 2023-09-07 · Archived: 2026-04-05 21:39:42 UTC\r\nHackers who breached an Israeli hospital near Tel Aviv last month said they started leaking stolen data because no\r\nransom was paid.\r\nThe ransomware attack on Mayanei Hayeshua Medical Center resulted in the shutdown of its administrative\r\ncomputer systems, leading the hospital to redirect new patients and those requiring emergency care to other\r\nmedical centers.\r\nThe Ragnar Locker ransomware gang claimed responsibility for the attack this week and said it is releasing the\r\nfirst batch of the hospital’s internal files. Israeli news outlet JNS has reported that the list of affected patients\r\npotentially includes top government officials, lawmakers and senior rabbis.\r\nSo, if there was a negotiation, it was not successful, as the Ragnar Locker gang just started leaking files\r\nfrom the medical center.\r\n😫\r\n\"According to our rules we are publishing the data which were compromised during security research of\r\nthe MYMC network.\"\r\nSecurity research?\r\n😂 pic.twitter.com/JKO9SHtVU6\r\n— MalwareHunterTeam (@malwrhunterteam) September 6, 2023\r\nThe disclosed data set is said to contain “a lot of personal information, internal emails, finances, medical cards,\r\nand other highly sensitive data,” according to a post from the group shared by the MalwareHunterTeam account\r\non social media site X.\r\nThe hackers said they didn’t encrypt the files on the hospital’s network because they didn’t want to damage\r\nmedical equipment.\r\nThe Record couldn't independently verify the hackers' claims and the authenticity of the stolen data. Mayanei\r\nHayeshua Medical Center didn’t respond to a request for comment.\r\nIsraeli Prime Minister Benjamin Netanyahu received treatment for prostate-related issues at Mayanei Hayeshu\r\nhospital in 2015. It remains unclear whether his records were among those exposed by hackers.\r\nIsrael's privacy protection authority, which investigated the incident, confirmed to local media that some sensitive\r\npersonal information indeed had been exposed but did not specify what type of data was stolen.\r\nThe Ragnar Locker hackers said the hospital refused to negotiate and didn't pay the ransom, which was previously\r\nreported to be “tens of millions of shekels” (1 shekel is about 0.25 dollars).\r\nhttps://therecord.media/israel-hospital-data-leaked-ragnar-locker-ransomware\r\nPage 1 of 3\n\n“We tried to draw their attention to the network issues and called them for discussion,” the hackers said. “After\r\nmultiple attempts to contact the management, it becomes clear to us that the management doesn’t care about the\r\nprivacy of their own patients.”\r\nThe hackers said they plan to release more data and the hospital's internal emails in the next few days.\r\n“Those organizations who are collecting and storing private data should be in charge of its privacy,” hackers\r\nclaim.\r\nThe Ragnar Locker group is not associated with any particular country. It has targeted various entities in the past,\r\nincluding Portugal's national airline, the Japanese gaming company Capcom, computer chip manufacturer Adata,\r\nand aviation giant Dassault Falcon.\r\nThe FBI reported that from April 2020 to March 2022, the Ragnar Locker ransomware was used to attack the\r\nnetworks of at least 52 organizations across various critical infrastructure sectors in the U.S.\r\nThe hackers’ attack on Mayanei Hayeshua Medical Center raised concerns among security researchers.\r\n“Absolutely appalled by the latest RagnarLocker attack and data leakage on Mayanei Hayeshua Medical Center in\r\nIsrael. Attacking healthcare facilities is not just immoral, it's devastating on so many levels,” said Ohad\r\nZaidenberg, founder of CTI League, a global group of cybersecurity volunteers who defend hospitals from\r\ncyberattacks.\r\n“Leaking this data can break families and push vulnerable individuals over the edge,” Zaidenberg added.\r\nhttps://therecord.media/israel-hospital-data-leaked-ragnar-locker-ransomware\r\nPage 2 of 3\n\nDaryna Antoniuk\r\nis a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in\r\nEastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for\r\nForbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.\r\nSource: https://therecord.media/israel-hospital-data-leaked-ragnar-locker-ransomware\r\nhttps://therecord.media/israel-hospital-data-leaked-ragnar-locker-ransomware\r\nPage 3 of 3",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://therecord.media/israel-hospital-data-leaked-ragnar-locker-ransomware"
	],
	"report_names": [
		"israel-hospital-data-leaked-ragnar-locker-ransomware"
	],
	"threat_actors": [],
	"ts_created_at": 1775434146,
	"ts_updated_at": 1775791333,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/412084847f4bf708ccabf4aa39931ac90c20df00.pdf",
		"text": "https://archive.orkl.eu/412084847f4bf708ccabf4aa39931ac90c20df00.txt",
		"img": "https://archive.orkl.eu/412084847f4bf708ccabf4aa39931ac90c20df00.jpg"
	}
}