DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Meow Leaks claims attack on Vanderbilt University Medical Center (3)

Posted on November 24, 2023 by Dissent

 

Meow Leaks has added Vanderbilt University Medical Center (VUMC) in Tennessee to their leak site, and has dumped what they claim is 100% of the data they exfiltrated.

“The hack was 02/11/23
The company will be hacked again!” they announced on November 18.

 The leak was posted in two parts, each described as “SQL,” but by the time DataBreaches attempted to download the data, it had been deleted from the file-sharing site for violations of terms of service.

Via communications on Jabber, Meow Leaks informed DataBreaches that they would be re-uploading the data to where it couldn’t be deleted, but that has not happened as of publication.

DataBreaches reached out to VUMC to ask about the claimed attack. VUMC Chief Communications Officer John Howser sent the following statement confirming a breach:

Vanderbilt University Medical Center (VUMC) identified and contained a cybersecurity incident in which a database was compromised and has launched an investigation into the incident. Preliminary results from the investigation indicate that the compromised database did not contain personal or protected information about patients or employees. Thank you.

Although they did not answer a question as to whether any files had been encrypted, the spokesperson for Meow Leaks told DataBreaches that they had not locked anything.  “We are not blocking anyone, we are against ransomware,” they told DataBreaches.

When informed of VUMC’s statement about personal or protected information about patients or employees not being involved (based on preliminary results), they responded:

You will find out soon, they have a lot of vulnerabilities and you have to understand that we tried to contact them and fix all the vulnerabilities in their network through the bug bounty program, but they were not interested. So we will post the old information and later the other information.

DataBreaches will continue to monitor this incident and will provide an update when more information becomes available.

Update 1: Because others have raised questions or suggested that Meow Leaks is the same group as the Meow Ransomware group or others who use “Meow” on Telegram, DataBreaches asked them to clarify those points. “There’s no such thing as a Telegram channel. We are in no way connected with the meow ransom programs,” they responded. The group has reuploaded the data, and DataBreaches will update this post after examining it.

Update 2: DataBreaches has reviewed the compressed archives uploaded by Meow Leaks. Those data did not include any personnel’s personal information or any patient data, as the statement from VUMC had suggested. If Meow Leaks dumps more data at some later date,  this post may be updated.

Update 3: More about Meow Leaks: As reported above, Meow Leaks claims they are not associated with the Meow Ransomware gang or any “Meow” channel on Telegram. Since then, other unsupported claims have also appeared, such as a claim that Meow Leaks is “ex-Conti.”

From what DataBreaches has gathered so far, Meow Leak’s model is the”We’ve found vulnerabilities and we’ll help you fix them for a fee” approach. They say they charge a lot less than IT firms and consider the fee like a bug bounty. Having noticed that some of their listings were for entities they claim to have hit more than two months ago, DataBreaches asked whether that was their usual timeframe. They answered:

I usually try to let the company know as soon as possible about multiple vulnerabilities and don’t rush anyone. The data is just as evidence that they are vulnerable. I am not interested in the data, but I am annoyed that the company is trying to hide the hack from the public and blatantly lie to me that they are doing fine) I offer security services to them and the price of security is very different from what IT companies can offer them now. Let’s just say they are investing in their bright future and I am helping them make it happen. Let them be held legally accountable if they’re liars.

No related posts.

Category: Breach IncidentsHackHealth DataU.S.

Post navigation

← From ransomware to attacks on vendors, school districts face multiple threats
Network outage at UT Health East Texas causes the hospital to enter divert status →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Air Force Employee Pleads Guilty to Conspiracy to Disclose Unlawfully Classified National Defense Information
  • UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks (1)
  • At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
  • Avantic Medical Lab hacked; patient data leaked by Everest Group
  • Integrated Oncology Network victim of phishing attack; multiple locations affected (2)
  • HHS’ Office for Civil Rights Settles HIPAA Privacy and Security Rule Investigation with Deer Oaks Behavioral Health for $225k and a Corrective Action Plan
  • HB1127 Explained: North Dakota’s New InfoSec Requirements for Financial Corporations
  • Credit reports among personal data of 190,000 breached, put for sale on Dark Web; IT vendor fined
  • Five youths arrested on suspicion of phishing
  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • How to Build on Washington’s “My Health, My Data” Act
  • Department of Justice Subpoenas Doctors and Clinics Involved in Performing Transgender Medical Procedures on Children
  • Google Settles Privacy Class Action Over Period Tracking App
  • ICE Is Searching a Massive Insurance and Medical Bill Database to Find Deportation Targets
  • Franklin, Tennessee Resident Sentenced to 30 Months in Federal Prison on Multiple Cyber Stalking Charges
  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.