Inc Ransom Has Breached US-Based Maryhaven

By Bogdan Pătru . 23 June 2024

Tech Writer

Fact-Checked this

Inc Ransom has announced another victim recently. This time, it’s the US-based Maryhaven, an enterprise providing behavioral health services in Columbus, Ohio. No other details have been posted about the operation.

Inc Ransom is known to use the double extortion tactic to coerce the victims into negotiating
The hackers present themselves as cybersecurity experts to trick the victims into paying the ransom
The gang is very active, typically producing at least a victim per day, although not consistently
Maryhaven hasn’t commented on the recent attack, so it’s unclear how they’ve decided to approach the matter

Ransomware actors have become extremely active over the past year, seemingly because of the victims being more willing to pay the ransom. Which might seem absurd at first. Why would anyone pay the ransom?

There are several reasons for that. The first is to gain access to the decryptor, given that ransomware hackers will almost always encrypt the victim’s system. Without the decryptor, the victim may lose all of the data recorded on the machine.

X showing the INC RANSOM attack on Maryheaven — https://x.com/FalconFeedsio/status/1804339447745434053

Another reason is because of the direct effects of having the stolen data exposed publicly. It’s understandable why most victims would mind if that were to happen.

Finally, there’s a third reason, which is the legal implication of experiencing a ransomware breach. That’s because service providers are responsible for their staff and clients’ data. Any system breach will make them directly liable.

It’s no wonder why so many victims decide to pay. Unfortunately, as cybersecurity analysts explain, paying the ransom doesn’t do much. On the contrary, it could have the opposite effect.

Should You Pay Inc Ransom?

The short answer is no. In theory, the hackers are supposed to provide the victim with the decryptor and delete the stolen data after the ransom is paid. In practice, that is rarely the case.

The attackers will offer the decryptor, but they will rarely dispose of the stolen data. Instead, they prefer to either keep it to themselves for later use, or sell it to other cybercriminal gangs. And the worst part about it is that the victim can’t verify that.

So, whether you’re paying the ransom or not, the truth is that the data is most likely reaching third-party actors anyway. This explains why ransomware victims are often coerced by different actors and even breached multiple times in a row.

Then there’s another problem worth discussing. Paying the ransom will immediately mark you as vulnerable. The hackers now know that you’re willing to pay big to protect your data from reaching the public eye.

This means it’s highly likely that the hackers will target you again in the future. Other ransomware gangs will to, because the word spreads like wildfire on the Dark Web.

So, what should you do if you get breached? The standard advice is: do not pay the ransom and do not negotiate. The situation is obviously more nuanced than that, since not everybody can subscribe to that for a variety of reasons.

But it’s worth being aware of the consequences of paying.

Our Mission

We believe security online security matters and its our mission to make it a safer place.

Author, Creative Writer, and Tech-Geek Bogdan has followed his passion for the digital world ever since he got his hands on his first PC. After years of accumulating knowledge and experience, the good Samaritan in him whispered to him one day about the virtue of sharing that knowledge with those who needed it. It was in 2014 when that idea would grow into a life-defining passion. One that keeps driving him to this day.

Cookie	Duration	Description
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
_omappvp	1 year 1 month 4 days	The _omappvp cookie is set to distinguish new and returning users and is used in conjunction with _omappvs cookie.
_omappvs	20 minutes	The _omappvs cookie, used in conjunction with the _omappvp cookies, is used to determine if the visitor has visited the website before, or if it is a new visitor.

Inc Ransom Has Breached US-Based Maryhaven

Should You Pay Inc Ransom?

Our Mission

Bogdan Pătru

Leave a Comment Cancel