Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The western Pacific island nation’s health ministry has been hit by an alleged cyber attack, with the hackers threatening to release the data within days.
The Micronesian archipelago of the Republic of Palau has been listed as a victim on the darknet leak site of a notorious ransomware gang.
The Qilin ransomware-as-a-service operation claimed to have successfully hacked the Palau Ministry of Health and Human Services (MHHS) in a leak post dated 20 February.
“All data of this company will be available for download on 27.02.2025,” Qilin said in the post before sharing details of the victim, including how many people it employs and, curiously, its apparent revenue.
However, no details of the alleged hack have been shared, nor has any evidence been provided.
Cyber Daily has reached out to the ministry for comment but has yet to receive a response; however, the ministry did reveal earlier this week that it was the victim of a cyber attack.
“The MHHS was the target of a cyber attack. Work to determine the extent of the attack is ongoing. Despite the incident, the hospital remains open, and patients are encouraged to continue seeking care as usual,” the ministry said in an 18 February statement.
“Residents can attend Belau National Hospital as you normally would, as services do continue.
“We ask the public for support as staff work to implement mitigation measures. We will provide updates to the public as they become available.”
At the time, the ministry was unable to confirm whether patient data had been affected.
Qilin takes its name from a creature from Chinese myth; however, its members have been observed communicating in Russian on several hacking forums. The group was first observed in August 2022 and has since then claimed 359 victims; it currently ranks the number 12 ransomware group in terms of activity behind groups such as BianLian, 8Base, and RansomHub.
The gang is responsible for a devastating attack on the UK-based pathology services provider Synnovis Group, which impacted five London hospitals in June 2024. The attack was declared a critical incident that led to the postponement of patient procedures and operations.
Qilin’s most recent Australian victim was Australian freight forwarder Globelink International. One of the gang’s affiliates claimed to have stolen 22 gigabytes of data, totalling 29,843 files, on 23 December last year.
The Palau Ministry of Health and Human Services provides healthcare services throughout the 340 islands of the Republic of Palau. The ministry is located in the city of Koror, and Palau has a population of 16,766 as of its 2021 census.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
