DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Bits ‘n Pieces (Trozos y Piezas)

Posted on October 14, 2022 by chum1ng0

Es-CT: Update on Consorci Sanitari Integral Attack by RansomExx

Last week, DataBreaches reported an attack on the Consorci Sanitari Integral (CSI) system of hospitals and health centers in Catalonia. Since then, RansomExx claimed responsibility for the attack and claims to have 54 GB of files that include DNI and medical information of patients and employees.

On October 11, CSI issued a statement on the incident. They confirmed the compromise of data and have taken steps to restore systems and alert people to the risk of impersonations. They write, in part (translation):

The Cybersecurity Agency of Catalonia is already working to minimize the impact of the publication of the data.

The CSI will exercise all legal actions within its reach with respect to those responsible for any misuse or disclosure of information that goes against the confidentiality of the information affected by the cyberattack.

DataBreaches.net has sent several emails to CSI, but they bounced back.

Br: Government Access Offered for Sale by Everest

Everest team is offering government access for sale. In this case, they offer access to the https://www.rs.gov.br network, which appears to be the state government site for Rio Grande do Sul.

When asked by DataBreaches, Everest stated that the price is $10,000.00

Attempts to find an email address or a working contact form to contact the government were unsuccessful. The relevant contact form said “under maintenance,” and there is no way to send them a private message via their Twitter account. DataBreaches hopes that the government is aware of the sales listing and is reviewing their security.

CR: Municipality of Belen Victim of Attack Claimed by Karakurt

The municipality of Belen Costa Rica, has communicated the following (machine translated):

At 10:30 A.M today, Tuesday, October 11, 2022, we received a notification from the Ministry of Science and Technology (MICIT); where we are instructed to verify internally the institution because apparently we have been breached by a cyber attack by a group that claims to have hacked information from the Municipality of Belen in Costa Rica.

Allegedly stealing 373 GB of your data, so far, the group has not published any data that compromises the information of the institution or any of our users.

Since the alert was issued, the institution is conducting investigations with the contracts that currently support us, plus the support of MICITT.

For your security and that of all users, we will temporarily disable all online services provided by the institution.

As soon as we have information, we will inform you.

Karakurt threat actors claim responsibility for this attack and describe the files as corporate data “which include PDF and excel documents, real estate images, invoices, graphs, drawings of new buildings, videos from detentions and registration of protocols and much more others.”

The municipality has issued small updates:

As a security measure, the customer service unit will not be receiving e-mails and if you need to make a transaction you must do it in person.

They also issued a press release on October 12 that indicated they were still investigating the claimed attack.

The administration informs the population that public services will be maintained as normal for the tranquility of the community; for the safety of all users, all online services have been temporarily disabled.

When contacted, the municipality did not provide any additional details. DataBreaches was unable to contact Karakurt.

Co: Attack on Emtelco Claimed by Qilin

Emtelco.com.co S.A is a Colombian customer experience firm & BPO.

Threat actors called Qilin claim to have hundreds of gigabytes from this firm that they acquired in August. A small proof pack and directory screencap appear on the leak site. Qilin says they will post data until someone decides to buy it.

DataBreaches saw very little personal information in the proof pack, but there were many indications that emtelco files were involved. Emtelco did not reply to an email inquiry from DataBreaches asking them to confirm or deny any breach. Nor did we see any notification on their website or social network about any breach.

 Br: Attack on Fashion Retailer Lojas Torra Claimed by Qilin

Emtelco was not the only company added to the Qilin leaks site. They also added Lojas Torra, a fashion retailer in Brazil. Qilin claims to have acquired the data on September 7, writing, “We have all the data of customers and employees and we are ready to share them with you.”  A small proof pack was provided.

Both Emtelco and Lojas Torra were added to Qilin’s leak site on October 8.

Lojas Torra did not respond to an email inquiry from DataBreaches, and there is no disclosure on their website about any breach.

Qilin is believed to be connected to distribution of Agenda ransomware, as first reported by Trend Micro in August.


Editing and some additional content by Dissent.

 

 

 

 

 

 

 

Related posts:

  • Weekend update: Christie Clinic, CSI Laboratories report breaches
  • Bits ‘n Pieces (Trozos y Piezas)
  • The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
  • No: Administrative fine issued to Grue municipality under GDPR
Category: Business SectorGovernment SectorHealth DataMalwareNon-U.S.

Post navigation

← Australian police secret agents exposed in Colombian data leak by Guacamaya
New Mexico’s Cybersecurity Office Investigating Unauthorized Access To Information Systems At State Agency →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.