An Iran-linked ransomware group known as Pay2Key has targeted a US healthcare organization in a recent cyberattack. The group, which has previously been associated with information theft operations, deployed ransomware against the healthcare facility during ongoing military tensions.
Incident responders investigating the attack found no evidence that data was exfiltrated during the intrusion. This represents an unusual development for Pay2Key operations, as US intelligence agencies have previously characterized the group's attacks as primarily focused on information theft rather than traditional ransomware deployment.