CarderPlanet
Professional
- Messages
- 2,549
- Reaction score
- 730
- Points
- 113
The incident occurred at the end of May, but its public disclosure was delayed for 4 months.
The State Register of Newborns of the Canadian province of Ontario confirmed a security breach affecting about 3.4 million people, including women who applied for medical care during pregnancy, as well as about two million newborns and children.
The BORN Ontario organization officially announced yesterday that hackers copied a vast array of its data, including information about people from January 2010 to May 2023.
The violation became known after the incident was discovered on May 31. The reasons why BORN publicly reported the leak just now remain unclear.
According to BORN, the cyberattack is linked to a massive hack of the MOVEit Transfer file transfer tool, which the Clop ransomware gang claimed responsibility for hacking in June.
In the course of its work, BORN collects data from medical institutions, laboratories, and hospitals that provide medical care to pregnant women and children. This data will be used in the future to improve the quality of medical care. It is unlikely that anyone thought that they would be abducted during a mass compromise.
After the incident, BORN contacted law enforcement and notified the Ontario Information and Privacy Commissioner, who oversees BORN's operations.
Cybercriminals stole names, dates of birth, addresses, postal codes and medical card numbers. Clinical information was also stolen, including examination and maintenance dates, lab test results, and other medical data.
Only time will tell whether the ransomware will use the received information for malicious purposes or whether any ethical restrictions will work inside them.
The massive hack of MOVEit affected more than 60 million people and more than a hundred companies. Clop hackers were able to take advantage of a vulnerability in the MOVEit software, which allowed for massive data exfiltration.
According to the latest data from security company Emsisoft, the breach in BORN is the sixth largest in a series of incidents related to MOVEit. The Clop account also includes attacks on other major MFT services, such as GoAnywhere in February this year and Accellion FTA in December 2020.
The State Register of Newborns of the Canadian province of Ontario confirmed a security breach affecting about 3.4 million people, including women who applied for medical care during pregnancy, as well as about two million newborns and children.
The BORN Ontario organization officially announced yesterday that hackers copied a vast array of its data, including information about people from January 2010 to May 2023.
The violation became known after the incident was discovered on May 31. The reasons why BORN publicly reported the leak just now remain unclear.
According to BORN, the cyberattack is linked to a massive hack of the MOVEit Transfer file transfer tool, which the Clop ransomware gang claimed responsibility for hacking in June.
In the course of its work, BORN collects data from medical institutions, laboratories, and hospitals that provide medical care to pregnant women and children. This data will be used in the future to improve the quality of medical care. It is unlikely that anyone thought that they would be abducted during a mass compromise.
After the incident, BORN contacted law enforcement and notified the Ontario Information and Privacy Commissioner, who oversees BORN's operations.
Cybercriminals stole names, dates of birth, addresses, postal codes and medical card numbers. Clinical information was also stolen, including examination and maintenance dates, lab test results, and other medical data.
Only time will tell whether the ransomware will use the received information for malicious purposes or whether any ethical restrictions will work inside them.
The massive hack of MOVEit affected more than 60 million people and more than a hundred companies. Clop hackers were able to take advantage of a vulnerability in the MOVEit software, which allowed for massive data exfiltration.
According to the latest data from security company Emsisoft, the breach in BORN is the sixth largest in a series of incidents related to MOVEit. The Clop account also includes attacks on other major MFT services, such as GoAnywhere in February this year and Accellion FTA in December 2020.
