DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Two more attacks involving sensitive data: a plastic surgery center in Brazil and a psychiatric hospital in Lithuania

Posted on August 19, 2023 by Dissent

Although it’s impossible for DataBreaches to really monitor for attacks on medical entities around the world, here are two non-U.S. ones recently spotted that both involve sensitive data.

Plastic Surgery Practice in Brazil

This week, DataBreaches spotted a listing for data from a Brazilian plastic surgery practice. The seller, who calls himself “TheSnake,” claims to have 1.3 TB of files from RobertoPolizzo.com.

Listing contained a link to a sample of files with a password. Both redacted by DataBreaches.
The listing is on a popular hacking forum. Image: DataBreaches.net.

The listing claims that he acquired:

  • Driver’s license
  • Brazilian SSN (CPF ID)
  • Personal data
  • Accounts
  • Receipts
  • Certificates from Covid
  • Internal documents of the company; and
  • Personal data about patients

In several private messages, DataBreaches obtained more information about the incident. According to TheSnake, he was responsible for hacking them, and when he contacted them, they ignored his contacts.

“They didn’t care when I sent them photos proving that I really have the company’s database too. I thought it was absurd because it was data not only from the client but from the company itself,” he wrote to DataBreaches. “I am planning to launch a ransomware attack on his server and ask for ransom soon,” he added, stating that he also has some self-developed exploits, botnets, and ransomware that he uses in attacks.

A sample of files was uploaded as proof of claims. DataBreaches notes that all the files appeared to be password-protected. DataBreaches sent an email inquiry to Dr. Polizzi yesterday about the claimed attack but received no reply.

There have been a number of recent attacks on plastic surgery sites, with nude photos of patients being uploaded by some attackers as a way of pressuring victims to pay ransom to remove the pictures and medical files from the leak sites. DataBreaches does not know what kinds of patient data may be in the files acquired by TheSnake, but thankfully, he does not appear to be leaking such sensitive material.

Psychiatric Hospital in Lithuania

In a second attack on the medical sector noted this week, DataBreaches spotted an attack on Respublikinė Vilniaus Psichiatrijos Ligoninė (the Republican Vilnius Psychiatric Hospital) in Lithuania by the NoEscape ransomware group.

The listing by NoEscape was dated July 30 and claims to have 37 GB of data, of which 448.33 KB have been leaked. Image: DataBreaches.net.

A machine translation of their about page describes the hospital as:

Republican Vilnius Psychiatric Hospital (RVPL) is the largest and widest range of mental health care institution in Lithuania. More than 600 employees work in the hospital, and professional assistance is provided to more than 7,000 people every year. patients.

From emergency care to rehabilitation, from child psychiatry to the treatment of various dementias, from consultations to a comprehensive recovery plan – professional help is available 24 hours a day, seven days a week.

As proof of claims, NoEscape leaked a filetree. The server in question has files that cover a number of years, but according to the attackers, the filetree does not tell the whole story:

The management wants to hide the fact that their servers were encrypted and compromised, this is a bad idea because we have such data as: finances, taxes, personal data of patients, medical records of patients, procedures for admission, treatment and discharge of patients, hundreds of agreements, contracts, documents of employees as well as documents on hiring employees, hygiene passports, health passports, passports of clients and employees, and a lot of other confidential information related to both clients and the company itself.

If you do not get in touch with us as soon as possible, the above data will be published and become public, and your patients and their families may start proceedings that will be followed by lawsuits and very big problems.
The file tree does not contain all the documents we have. When studying the documents that we stolen, were revealed very important and secret documents , for example, about testing new pills on living people and their conclusions…

The countdown clock currently shows 8 days until the next update on the leak site.

So neither of these two attacks has already resulted in the leak of sensitive data but both incidents have the potential to leak or sell personal and sensitive information.

Update:  NoEscape subsequently leaked 25.44 GB of files from the psychiatric hospital.

Category: Breach IncidentsHackHealth DataNon-U.S.

Post navigation

← Bunker Hill Community College discloses May ransomware attack
After cyber breach, Point32Health suffers financial losses →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • B.C. health authority faces class-action lawsuit over 2009 data breach (1)
  • Private Industry Notification: Silent Ransom Group Targeting Law Firms
  • Data Breach Lawsuits Against Chord Specialty Dental Partners Consolidated
  • PA: York County alerts residents of potential data breach
  • FTC Finalizes Order with GoDaddy over Data Security Failures
  • Hacker steals $223 million in Cetus Protocol cryptocurrency heist
  • Operation ENDGAME strikes again: the ransomware kill chain broken at its source
  • Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials
  • Mysterious hacking group Careto was run by the Spanish government, sources say
  • 16 Defendants Federally Charged in Connection with DanaBot Malware Scheme That Infected Computers Worldwide

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says
  • Widow of slain Saudi journalist can’t pursue surveillance claims against Israeli spyware firm
  • Researchers Scrape 2 Billion Discord Messages and Publish Them Online
  • GDPR is cracking: Brussels rewrites its prized privacy law
  • Telegram Gave Authorities Data on More than 20,000 Users
  • Police secretly monitored New Orleans with facial recognition cameras

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.