Ransomware Gang Claims Responsibility for Kettering Health Hack

A ransomware gang has claimed responsibility for the recent cyberattack on Kettering Health, a network of hospitals, clinics, and medical centers in Ohio. Interlock, a relatively new ransomware group targeting U.S. healthcare organizations since September 2024, published a post on its dark web site, claiming to have stolen over 940 gigabytes of data from Kettering Health.
The healthcare system was forced to shut down all its computer systems two weeks ago following the attack. Kettering Health has not yet paid the ransom demanded by the hackers, according to John Weimer, the company’s senior vice president of emergency operations. Interlock’s decision to publicly take credit for the breach suggests that ransom negotiations may have failed, with the group now threatening to release stolen data.
The stolen information includes private patient records, employee data, and sensitive files from Kettering Health’s internal network. Among the leaked documents are clinical summaries, police department files, and other confidential information.
In a recent update, Kettering Health reported that it had restored core components of its electronic health record system, marking a significant step toward resuming normal operations. However, the full impact of the breach on patient care and data security remains unclear.

Published: 6/5/2025