Ransomware Attack on Keralty Disrupts Colombia's Healthcare System

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

The Keralty multinational healthcare organization fell victim to a RansomHouse ransomware attack last week, which disrupted the websites and operations of the company and its subsidiaries.

Keralty is a Colombian healthcare provider that operates an international network of 12 hospitals and 371 medical centers in Latin America, Spain, the US, and Asia. The provider employs 24,000 people and 10,000 medical doctors who provide healthcare services to over six million patients.

Keralty also offers additional healthcare services through its subsidiaries, Colsanitas, Sanitas USA, and EPS Sanitas.

Over the past week, Keralty and its subsidiaries EPS Sanitas and Colsanitas had their IT operations disrupted, including their websites and the scheduling of medical appointments.

These IT outages also impacted Colombia’s healthcare system, as reports indicated that patients were waiting in line for over twelve hours to receive care and some patients even fainted due to a lack of medical attention.

On Monday, Keralty announced that they were experiencing technical issues but didn’t say what was the cause. However, on Wednesday the healthcare provider issued another statement that confirmed the disruption was caused by a cyberattack on their network, leading to technical failures in their IT systems.

“The computer servers of the Keralty Group companies have been the object of a cyberattack, which has generated technical failures in our systems,” read a translated statement from Keralty.

“From the moment it was identified, we have been working 24 hours a day, both from the technological team and from the medical and administrative team, to provide continuity of care to our members,” the company said.

“Likewise, from the beginning, this situation was brought to the attention of the competent authorities and the respective criminal investigation has been initiated,” Keralty added. “In order to maintain attention to our users, from Keralty we continue to implement the necessary contingency plans to maintain the service.”

According to reports, a Twitter user named Alexánder tweeted a screenshot of a VMware ESXi server with a ransom note displaying “Dear Keralty.” This indicated that the healthcare provider fell victim to a ransomware attack.

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.

Leave a Comment