A UK health service supplier was hit with ransomware this month. It looks to have had a lasting effect, although the target (Advanced) have been persistent in claiming the issue has been mostly resolved.

Any theories who could have been behind it, or why there is little media coverage about it?

(August 19, 2022, 08:56 PM)MillicentBystander Wrote: A UK health service supplier was hit with ransomware this month. It looks to have had a lasting effect, although the target (Advanced) have been persistent in claiming the issue has been mostly resolved.

Any theories who could have been behind it, or why there is little media coverage about it?

Advanced has been very tight-lipped about the ransomware questions and there is no public statement from them as to whether they have made any ransom payment or not. 

AFAIK, Mandiant and Microsoft's DART team were engaged to help them investigate and recover, so I don't expect we'll get many details until after it's all over, but Advanced has promised early on that they would disclose IOCs after it was over, etc.  

As to impact, I think there is still a lot that may not be back online yet, and there was already a lot of impact to patient care.  Not being able to access patient records can be life-threatening in some cases. Not being able to dispatch ambulances can be life-threatening.