HIPAA Journal reports:
Kettering Health is continuing to make progress in recovering from its May 20, 2025, ransomware attack. While its EHR has been restored, other IT systems remain offline, with disruption continuing at its Ohio medical centers and outpatient facilities. Earlier this week, Kettering Health issued an update confirming that a small subset of patient data was stolen in the attack, although the extent of the data breach has yet to be confirmed.
Kettering Health has not named the ransomware group behind the incident, although CNN claimed to have viewed a copy of a ransom note indicating the Interlock ransomware group was responsible. This week, Interlock claimed responsibility for the attack and added Kettering Health to its dark web data leak site and listed the stolen data for download, indicating the ransom was not paid.
The Interlock claims to have stolen 941 GB of data from Kettering Health before ransomware was used to encrypt files. The stolen data includes 732,490 files spread across 20,418 folders.
Read more at HIPAA Journal.
