Man
Professional
- Messages
- 3,121
- Reaction score
- 688
- Points
- 113
The data is already up for sale on the dark web: who will be the first buyer?
As a result of a cyberattack on a network of French hospitals, the data of 1.5 million patients was compromised. A hacker under the pseudonym "nears" said that he had access to the medical records of all victims, but so far only half of the available array has been put up for sale.
The attacker claims to have hacked into the MediBoard system developed by Softway Medical Group. This company provides solutions for managing medical data in Europe. Softway Medical confirmed the attack, stressing that the leak was due to the use of stolen credentials and not due to a vulnerability in their software.
According to the company, the stolen patient data was not stored by Softway Medical, but on the servers of the hospital itself. In an email, Softway Medical noted, "Our software is not the cause of the incident. The compromise occurred through a privileged account in the client's infrastructure." The client, in this case, is Aléo Santé, which owns all the affected hospitals.
A cybercriminal has put up for sale access to the MediBoard platform for the Centre Luxembourg and Clinique Alleray-Labrouste hospitals. Buyers are supposed to be able to access sensitive patient data, including health history, contact details, and prescription information.
To prove the fact of hacking, the hacker placed for sale the records of more than 750 thousand patients of one of the hospitals. This data includes full names, addresses, phone numbers, email addresses, doctors' appointments, and medical records.
So far, no buyers have been noticed. However, even if the database is bought, there is always a risk that later this information will still be published in the public domain, becoming valuable material for thousands of cybercriminals from all over the world. Experts warn that the leakage of such information significantly increases the likelihood of phishing, fraud and social engineering attacks on victims.
Source
As a result of a cyberattack on a network of French hospitals, the data of 1.5 million patients was compromised. A hacker under the pseudonym "nears" said that he had access to the medical records of all victims, but so far only half of the available array has been put up for sale.
The attacker claims to have hacked into the MediBoard system developed by Softway Medical Group. This company provides solutions for managing medical data in Europe. Softway Medical confirmed the attack, stressing that the leak was due to the use of stolen credentials and not due to a vulnerability in their software.
According to the company, the stolen patient data was not stored by Softway Medical, but on the servers of the hospital itself. In an email, Softway Medical noted, "Our software is not the cause of the incident. The compromise occurred through a privileged account in the client's infrastructure." The client, in this case, is Aléo Santé, which owns all the affected hospitals.
A cybercriminal has put up for sale access to the MediBoard platform for the Centre Luxembourg and Clinique Alleray-Labrouste hospitals. Buyers are supposed to be able to access sensitive patient data, including health history, contact details, and prescription information.
To prove the fact of hacking, the hacker placed for sale the records of more than 750 thousand patients of one of the hospitals. This data includes full names, addresses, phone numbers, email addresses, doctors' appointments, and medical records.
So far, no buyers have been noticed. However, even if the database is bought, there is always a risk that later this information will still be published in the public domain, becoming valuable material for thousands of cybercriminals from all over the world. Experts warn that the leakage of such information significantly increases the likelihood of phishing, fraud and social engineering attacks on victims.
Source
