Newsinterpretation

KillSec ransomware group claims attack on Brazil healthcare software provider MedicSolution

A Dangerous Cyberattack on Healthcare

Brazil’s healthcare industry has been hit hard by a dangerous cyberattack. A ransomware group known as KillSec has claimed responsibility for breaking into the systems of MedicSolution, a company that provides software to hospitals and clinics in the country. The attackers say they have stolen sensitive medical information and threaten to release it online unless victims start talks quickly.

Cybersecurity experts who studied the case revealed that attackers took the data from an insecure storage system hosted on Amazon’s cloud services. The experts believe the attackers exposed the information for several months before anyone noticed the breach. This makes the incident one of the most serious supply chain breaches Brazil’s healthcare sector has ever faced.

The stolen data includes more than 34 gigabytes of files, totaling almost 95,000 documents. These files contain highly sensitive medical records, lab results, X-rays, and even unredacted patient photographs. Some of the stolen pictures show body parts, and records of children are also included.

Resecurity, a cybersecurity firm monitoring the incident, identified several patients in the stolen files. The firm contacted those patients, but they did not know their private information had been compromised. The attack shows that ransomware groups not only target organizations but also directly harm innocent people who never expect their medical data to appear online.

Brazil Not the First Target

This is not the first time that KillSec has attacked Brazil. In the past, the same group leaked personal and business data that included financial identifiers, bank details, and government-related information.

However, this time the attack on MedicSolution has shown that the group can cause serious damage. Unlike earlier breaches that targeted government resources, the current incident involves the private healthcare sector. Sensitive medical data, especially lab results and health assessments, is far more personal and harmful when exposed.

How Cyber Attacks on Industrial Control Systems Can Endanger Lives ?

KillSec has also been expanding its operations outside Brazil. Just days before this latest attack, the group announced that it had successfully compromised healthcare providers in Colombia, Peru, and the United States. The list of victims included organizations such as Archer Health in the U.S., Suiza Lab in Peru, and GoTelemedicina and eMedicoERP in Colombia.

A month earlier, KillSec also leaked data from Doctocliq, a healthcare software platform in Peru that works with thousands of doctors across more than 20 countries. The group has not limited itself to healthcare alone.

Brazil’s Data Protection Laws and Penalties

Brazil has strict laws to protect personal data, especially health records. The country’s main regulation is the Lei Geral de Proteção de Dados (LGPD), or General Data Protection Law, which came into full effect in 2020. Under this law, health-related information is considered “sensitive personal data.” That means organizations handling it must follow strict rules for storage, processing, and security.

The Autoridade Nacional de Proteção de Dados (ANPD), Brazil’s national data protection authority, enforces the law.  In 2024, the ANPD carried out a major audit of healthcare institutions across Brazil.

Bridgestone Hit by Suspicious Cyberattack as Operations Disrupted in US and Canada

The ANPD fined 15 healthcare organizations a combined BRL 12 million (about USD 2.4 million) during this audit for failing to use encryption and for lacking proper response plans in case of cyberattacks.

Since 2023, the ANPD has imposed over BRL 98 million (nearly USD 20 million) in fines across all sectors. Healthcare remains one of the most targeted industries, not only by hackers but also by regulators who have identified repeated weaknesses in protecting sensitive data.

The attack on MedicSolution shows how those weaknesses can be exploited by cybercriminals. With nearly 95,000 files stolen, the scale of this ransomware attack makes it one of the most damaging breaches in Brazil’s healthcare industry to date.

Renuka Bangale
Renuka is a distinguished Chartered Accountant and a Certified Digital Threats Analyst from Riskpro, renowned for her expertise in cybersecurity. With a deep understanding of cybercrimes, malware, cyber warfare, and espionage, she has established herself as an authority in the field. Renuka combines her financial acumen with advanced knowledge of digital threats to provide unparalleled insights into the evolving landscape of information security. Her analytical prowess enables her to dissect complex cyber incidents, offering clarity on risks and mitigation strategies. As a key contributor to Newsinterpretation’s information security category, Renuka delivers authoritative articles that educate and inform readers about emerging threats and best practices.

TOP 10 TRENDING ON NEWSINTERPRETATION

Oracle warns of extortion emails hitting E-Business Suite users amid software gaps

Oracle has confirmed that customers using its E-Business Suite...

Newsom warns California colleges of losing state funds if they sign Trump education compact

California Governor Gavin Newsom has issued a strong warning...

Vance accuses Democrats of shutting down America to protect AOC’s political power

The United States government entered a shutdown on Wednesday,...

AI is making phishing, ransomware, and cybercrime more dangerous for accountants

Artificial intelligence is making cyberattacks faster, smarter, and more...

Kamala Harris: “Republicans just shutdown the government to make your health care cost more”

The United States federal government officially shut down early...

AOC takes center stage: “Trump is bluffing — Democrats must not blink” as shutdown looms

Rep. Alexandria Ocasio-Cortez (D-N.Y.) has called on her Democratic...

Hacker gains access to FEMA and Border Patrol systems in multi-week breach

Massive Hack Hits FEMA and Border Patrol A major cyberattack...

Government shutdown 2025 begins with essential services continuing while nonessential workers furloughed

The United States federal government officially entered a Government...

Midterm manipulation fury: Newsom warns Americans are paying price for GOP power games

Midterm Politics and Impeachment ControversyPublic Reaction and Urgency in...

“Pay more and enjoy nothing”—Newsom torches Trump’s tariff push as costs for food, cars, and flights soar

California Governor Gavin Newsom has strongly criticized President Donald...

Oracle warns of extortion emails hitting E-Business Suite users amid software gaps

Oracle has confirmed that customers using its E-Business Suite...

Newsom warns California colleges of losing state funds if they sign Trump education compact

California Governor Gavin Newsom has issued a strong warning...

Vance accuses Democrats of shutting down America to protect AOC’s political power

The United States government entered a shutdown on Wednesday,...

AI is making phishing, ransomware, and cybercrime more dangerous for accountants

Artificial intelligence is making cyberattacks faster, smarter, and more...

Kamala Harris: “Republicans just shutdown the government to make your health care cost more”

The United States federal government officially shut down early...

AOC takes center stage: “Trump is bluffing — Democrats must not blink” as shutdown looms

Rep. Alexandria Ocasio-Cortez (D-N.Y.) has called on her Democratic...

Hacker gains access to FEMA and Border Patrol systems in multi-week breach

Massive Hack Hits FEMA and Border Patrol A major cyberattack...

Government shutdown 2025 begins with essential services continuing while nonessential workers furloughed

The United States federal government officially entered a Government...
error: Content is protected !!
Exit mobile version