Months after the initial MOVEit cybersecurity incident, new victims are still being confirmed, with BORN Ontario, a Canadian government-funded birth registry, the latest big agency to confirm falling victim to the Cl0p ransomware group.
As per a press statement, the hackers stole data on 3.4 million people who sought pregnancy care, addressed fertility issues, as well as data on healthcare services provided to newborns and small children (roughly two million children).
The data stolen was collected from January 2010 until the incident in May 2023.
Clop strikes again
Furthermore, hackers took names, birth dates, postal addresses, and postal codes, as well as health card numbers. They also stole dates of care and service, lab test results, pregnancy risk factors, type of birth, procedures, and pregnancy and birth outcomes and associated care.
The attack seems extensive and the data extremely valuable, especially for those interested in identity theft and phishing.
While BORN Ontario laid the blame for the hack on Clop, the Russian threat actor that compromised the secure file transfer service MOVEit last spring, Clop is yet to list this organization on its leak site. So far, hundreds of victims have been added to the site.
At the same time, the organization’s spokespersons seem to be quiet on the matter. When reached out to by TechCrunch, BORN Ontario spokesperson Tammy Kuepfer did not return any requests for comment. The organization did say it notified the police as well as Ontario’s privacy watchdog, the Information and Privacy Commissioner (IPC). This organization also did not comment on the news, other than saying that it was notified of the incident on June 14.
Whether or not BORN received a ransom demand, and if it paid it or not – remains to be seen.
Via TechCrunch