U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

COVID-19 data put for sale on Dark Web

Researchers discovered leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19. Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered last week and shared with Thai CERT. The […]

COVID-19 Screenshot from 2022-08-28 10-05-12

Researchers discovered leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19.

Resecurity, a California-based cybersecurity company protecting Fortune 500, has identified leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19 symptoms. The incident was uncovered last week and shared with Thai CERT.

The data was put for sale on several Dark Web marketplaces and was available for further purchase via a Telegram channel created by the bad actors.

COVID-19 Screenshot from 2022-08-28 10-05-12

Based on the acquired samples and additional insights related to the security incident, the bad actors were able to gain unauthorized access to the government portal allowing them to manage users and records illegally.

“According to the actors, they were able to steal sensitive and personal information including but not limited to last name, first name, sex, age, contact details, medical history, and related local healthcare identifiers” reads the post published by Resecurity

The access was possible due to an active SQL injection vulnerability in an authorization module of the WEB-app used for online surveys.

At the time of breach identification, the bad actors could have accessed at least 5,151 detailed records with potential exposure of 15,000 in total.

Thailand is not the only region where cybercriminals hunt for personal and medical data. Most healthcare services in Thailand are available in digital form for citizens, that’s why they’re always an attractive target for cyberespionage groups, and other Dark Web actors collecting information for malicious purposes, one example is to use the stolen data for further identity theft. This year similar incidents occurred in Indonesia and India leading to the theft of COVID-19 patient records.

Resecurity has timely shared the exposed leaked data with the relevant authorities and law enforcement to ensure the affected citizens will be protected in the scope of the existing privacy laws and data protection regulations in Thailand.

To prevent yourself from being a victim of identity theft – subscribe to Resecurity® Identity Protection (IDP), a mobile app and interactive WEB-service featuring a dashboard for continuous 24/7 protection. Resecurity® enables Dark Web monitoring, leaked credentials detection, and timely alerts about other identified threats targeting your persona online.

Resecurity has shared additional details in this blog post:

https://resecurity.com/blog/article/covid-19-data-put-for-sale-in-dark-web

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, COVID-19)

[adrotate banner=”5″]

[adrotate banner=”13″]