In: Hackers Selling Personal Data Of 150,000 Patients From a Tamil Nadu Hospital in Supply-Chain Attack
Bharat Sharma reports:
After a cyberattack on AIIMS knocked out its servers, a threat actor is selling medical records of patients of a Tamil Nadu-based multispecialty hospital.
A report released by CloudSEK claims that patient data of Sree Saran Medical Centre is on sale by a threat actor. On November 22, 2022, CloudSEK discovered a post that advertised the sale of sensitive data sourced from Three Cube IT Lab India – a Chennai-based provider of business and consulting services.
Read more at India Times.
But note that if you continue reading the article, it also says, “”We assess with low confidence and no direct proof that Three Cube IT may be a software vendor for Sree Saran Medical Center”.” The claim related to the chain comes from the seller of the hospital data, who in a separate post, claimed:
data was stolen from IT company to design systems for hospitals,
and etc, https://threecubeitlab.com/ the data is private and non sold before,
very sensitive include phone numbers, and even streets
! price : 100$
if you only want to be owner of this data, and have the rights to resell and etc, price 400$
number of data : 150K+
DataBreaches attempted to send a contact inquiry form to Three Cube IT, but the form did not send, returning a 500 error. An email has been sent to their ITSupport email contact. This post will be updated when a reply is received or more information becomes available.