The KillSec Ransomware group has claimed responsibility for a cyberattack on MedicSolution, a healthcare software provider in Brazil, and is threatening to leak sensitive data unless a ransom is paid. According to a report from Resecurity, the hackers gained access to the data through an insecure Amazon S3 bucket that was exposed for several months.
The hackers stole more than 34 gigabytes of highly sensitive patient information, including over 94,818 files. The compromised data includes:
- Medical evaluations
- Lab results and X-rays
- Unredacted patient photos
- Records related to minors
Security experts were able to contact some of the affected patients who were not aware their personal information had been stolen. The KillSec group's focus on healthcare reflects a growing trend, as criminals use this highly sensitive data for extortion, knowing the potential for significant damage to both the organization and its customers.
This isn't the first time KillSec has targeted organizations in Brazil, and it's part of a recent series of attacks on the healthcare industry across the world. The group has also claimed responsibility for breaches on healthcare providers in the United States, Peru, and Colombia.
The data breach at MedicSolution could lead to serious legal consequences under Brazil's data protection law, the LGPD. The country's regulatory authority, the ANPD, has previously fined healthcare organizations for similar security failures, and a significant portion of all fines since 2023 have been directed at the healthcare sector.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
