Teiss reports: The National Health Service (NHS) is investigating claims that an application programming interface (API) vulnerability at private healthcare provider Medefer left patient data exposed. The issue, initially raised by an IT whistleblower, has prompted scrutiny from the NHS, which has stated it will take further action if necessary. Medefer, a virtual healthcare provider…
Category: Non-U.S.
Black Basta exposed: A look at a cybercrime data leak and a key member, “Tramp”
Intel471 reports: On Feb. 11, 2025, a mysterious leaker going by the Telegram username ExploitWhispers released one year’s worth of internal communications between members of the Black Basta ransomware group on a Telegram channel. Black Basta is still active in a reduced capacity, but in 2022, it was the third most impactful ransomware group. Its members appeared to be experienced…
Criminal hacker known as ALTDOS, DESORDEN, GHOSTR and 0mid16B arrested
He called himself ALTDOS when he first contacted DataBreaches in 2020. In 2021 he started contacting this site as DESORDEN. Then in 2024, he contacted this site as GHOSTR, and more recently, as 0mid16B. Under each new moniker, he denied being the individual DataBreaches knew under previous monikers, even though based on his targets, his…
Medusa Unveils Another 50TB of Stolen Data from HCRG Care Group, Giving Greater Insight Into the Scope of the Breach
After the Medusa gang reportedly demanded a $2 million ransom from UK healthcare and community services provider HCRG Care Group, HCRG confirmed they had a breach and said they were investigating. But they did not confirm that patient data and employee was affected and they did not confirm that files had been encrypted. On February…
Belgian prosecutor probes alleged Chinese hacking of intelligence service
The Straits Times reports: The Belgian federal prosecutor said on Wednesday it had started a probe into alleged Chinese hacking of Belgium’s intelligence service VSSE in November 2023, confirming an earlier report by Belgian daily Le Soir. The prosecutor added that it had received an accusation filed by VSSE in relation to the case. The…
Ransomware attack on Southern Water cost £4.5 million
Penny Horwood reports: The ransomware attack on Southern Water approximately one year ago by the Russia-linked Black Basta group has cost the utility provider more than £4.5 million to date, according to the utility company’s annual report. An extract from the publicly available Southern Water annual report says: “..in February 2024 we announced that data from a limited part…