Another day, another massive leak. Researcher Jeremiah Fowler reports that he found unsecured data with 1,674,218 records belonging to DM Clinical Research. DM Clinical Research is a Texas-based network of more than 24 multi-therapeutic clinical trial sites involved in research on vaccines, internal medicine, pediatrics, gastroenterology, psychiatry, neurology, women’s health, and more. DM Clinical Research’s…
Category: Health Data
Medusa ransomware gang demands $2M from UK private health services provider
Iain Thomson reports: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what’s claimed to be stolen internal records unless a substantial ransom is paid. Previously known as Virgin Care and now owned by Twenty20 Capital, HCRG runs child and…
Major IVF provider Genea suffers ‘cyber incident’ (1)
Update: On February 24, 2025, the Termite ransomware group claimed responsibility for the attack on Genea. On their darkweb leak site, they claim to have ~700gb of data from company’s servers such as confidential, personal data of clients. They posted a number of screenshots with patient records as proof of claims. ACS Information Age…
Hundreds of Dutch medical records bought for pocket change at flea market
It’s been a while since DataBreaches posted a story about unerased drives with tons of sensitive information being purchased at a flea market or auction, but here we are again, and this time in the Netherlands. Connor Jones reports: Robert Polet, a 62-year-old techie and apparent bargain hunter from Breda, a city in the southern…
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations
From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…
Ransomware attack affects Michigan casinos and tribal health centers
On February 15, the RansomHub ransomware group claimed responsibility for an attack on the Sault Ste. Marie Tribe of Chippewa Indians. RansomHub claims to have “temporarily locked” the tribe’s infrastructure and to have acquired 119 GB of files (501, 211 files). The affected systems reportedly include casinos, convenience stores, government buildings, and telecommunications services, but…