Aman Shukla reports: Niva Bupa Health Insurance Company Ltd has recently informed exchanges that the company received an email from an anonymous sender claiming a potential customer data breach. The company is actively investigating the matter and implementing preventive measures to mitigate risks. … In the exchange filing, the company shared, “We have received communication(s)…
Category: Health Data
No need to hack when it’s leaking, Thursday edition: DM Clinical Research
Another day, another massive leak. Researcher Jeremiah Fowler reports that he found unsecured data with 1,674,218 records belonging to DM Clinical Research. DM Clinical Research is a Texas-based network of more than 24 multi-therapeutic clinical trial sites involved in research on vaccines, internal medicine, pediatrics, gastroenterology, psychiatry, neurology, women’s health, and more. DM Clinical Research’s…
Medusa ransomware gang demands $2M from UK private health services provider
Iain Thomson reports: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what’s claimed to be stolen internal records unless a substantial ransom is paid. Previously known as Virgin Care and now owned by Twenty20 Capital, HCRG runs child and…
Major IVF provider Genea suffers ‘cyber incident’ (1)
Update: On February 24, 2025, the Termite ransomware group claimed responsibility for the attack on Genea. On their darkweb leak site, they claim to have ~700gb of data from company’s servers such as confidential, personal data of clients. They posted a number of screenshots with patient records as proof of claims. ACS Information Age…
Hundreds of Dutch medical records bought for pocket change at flea market
It’s been a while since DataBreaches posted a story about unerased drives with tons of sensitive information being purchased at a flea market or auction, but here we are again, and this time in the Netherlands. Connor Jones reports: Robert Polet, a 62-year-old techie and apparent bargain hunter from Breda, a city in the southern…
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations
From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…