Hacked Health Firm HCRG Demanded Reporting Take Down
Cybersecurity Journalist Defies U.K. Court Order
An independent cybersecurity journalist based in the United States has refused to adhere to a court injunction issued in the U.K. This action follows the journalist’s coverage of a recent cyberattack targeting HCRG, a significant private healthcare provider in the United Kingdom.
Injunction Details and Demand for Removal
Pinsent Masons, the legal firm representing HCRG, delivered the injunction on February 28th. They requested that DataBreaches.net remove two articles detailing the ransomware attack.
The notice, reviewed by TechCrunch, indicated the injunction was secured by HCRG at the High Court of Justice in London. Its purpose was to prevent the dissemination of confidential data compromised during the cyberattack.
Potential Consequences of Non-Compliance
The law firm warned DataBreaches.net that failing to comply with the injunction could lead to being held in contempt of court. This could potentially result in imprisonment, financial penalties, or the seizure of assets.
DataBreaches.net's Response
Operating under the pseudonym Dissent Doe, the journalist behind DataBreaches.net has declined to remove the published posts. Furthermore, details regarding the injunction itself were published in a blog post on Wednesday.
Dissent, referencing advice from their legal counsel at Covington & Burling, maintains that DataBreaches.net is not subject to U.K. jurisdiction. They also assert that the reporting is protected under the First Amendment of the U.S. Constitution.
Specifics of the Court Order
Notably, Dissent points out that the court order does not explicitly name DataBreaches.net or reference the specific articles in question.
Legal Pressure in Cybersecurity Reporting
While legal threats are not uncommon in cybersecurity journalism, given the sensitive nature of the information often uncovered, injunctions and formal legal demands are rarely made public due to concerns about potential legal repercussions.
This case provides a unique glimpse into how U.K. law can be utilized to compel the removal of published stories that may be damaging or unfavorable to companies.
HCRG Confirms Ransomware Attack
The legal correspondence confirms that HCRG experienced a ransomware cyber-attack.
Background on HCRG
Formerly known as Virgin Care, HCRG is one of the largest independent healthcare providers in the U.K. On February 20th, the company acknowledged investigating a cybersecurity incident. The Medusa ransomware group claimed responsibility, alleging the theft of 2 terabytes of data.
HCRG employs over 5,000 individuals and serves a patient base exceeding half a million across the United Kingdom.
Statements from Involved Parties
Alison Klabacher, a spokesperson for HCRG, stated to TechCrunch: “We can confirm that we took legal action aimed at preventing republication of any data accessed by the criminal group, to minimise potential risk to those who may have been affected.”
HCRG’s spokesperson further added that they are investigating the incident with external specialists and will notify affected individuals as necessary.
Neil Kennedy, representing Pinsent Masons, declined to comment when contacted by TechCrunch.
Details of the Legal Demand
Pinsent Masons cited two DataBreaches.net posts in their legal demand. These posts reported the Medusa ransomware gang’s claim of responsibility for the HCRG cyberattack and the threat to publish stolen personally identifiable information and sensitive health data if a ransom was not paid.
The gang substantiated their claims by publishing screenshots of the stolen data on their dark web leak site.
The information contained in the DataBreaches.net posts aligns with information independently verified and reported by TechCrunch and other news outlets.
Domain Registrar Involvement
According to Dissent, Pinsent Masons initially contacted DataBreaches.net’s domain registrar, threatening suspension of the web domain if the posts were not removed. However, the domain registrar later reversed its decision and declined to suspend the site.
Lack of Public Disclosure from HCRG
HCRG has not yet issued a public statement regarding the breach on its website. Dissent highlighted that independent journalists, including SuspectFile, have provided significant coverage of the HCRG cyberattack in the absence of updates from the company.
Concerns About Censorship
Dissent expressed concern that the court’s injunction could “prevent the public from finding out that the breach was a serious one with likely many people affected” and “could open the door to widespread censorship of journalists in the U.K. or elsewhere.”
They suggested that journalists with any connection to the U.K. could face similar injunctions demanding the removal of past reporting or prohibiting future coverage of data breaches involving U.K. entities.
Updated with response from Pinsent Masons.
Related Posts
Coupang CEO Resigns After Data Breach | South Korea
Petco Vetco Data Breach: Customer Information Exposed
FTC Upholds Ban on Stalkerware Founder Scott Zuckerman
Google Details Chrome Security for Agentic Features
Petco Data Breach: SSNs, Driver's Licenses Exposed
