16. 05. 2024 Mirko Ioris SOCnews

SOC News | May 16 – Data stolen from SYNLAB published on the Dark Web

SYNLAB, European leader in medical diagnostic services, was the victim of a cyber attack last April. The compromised infrastructure is the one that runs Italians clinics only, other countries were not affected. In early May, ransomware group BlackBasta claimed responsibility for the attack, saying it had stolen 1.5TB of sensitive medical data from Italian citizens. They demanded a ransom, threatening to publish the confidential data on their Dedicated Leak Site (DLS). The ransom wasn’t paid, and on the afternoon of 13 May, BlackBasta published the entire leak on the dark web.

SYNLAB Data published in the Dark Web

According to what the DLS says, almost 9000 different people accessed these data (last update: May 23). Inside the leak are PDFs of medical exams, patient IDs, Excel spreadsheets, employees Word documents, and much more. This information can be used by threat actors for identity theft, user impersonation, spear-phishing or scam campaigns, and other attacks.

If you were a Synlab customer, your data may have been included in the breach and it’s advisable to be on the lookout for any potential phishing, smishing or vishing attempts that may happen to you in the near future.

Mirko Ioris

Mirko Ioris

Technical Consultant - Cyber Security Team | Würth Phoenix

Author

Mirko Ioris

Technical Consultant - Cyber Security Team | Würth Phoenix

Latest posts by Mirko Ioris

30. 06. 2024 SOCnews
SOC News | June 30 – TeamViewer Victim of a Security Breach
24. 05. 2024 SOCnews
SOC News | May 24 – Patch This Veeam Critical Vulnerability Now
30. 04. 2024 SOCnews
SOC News | Apr 30 – New Cyber Attacker Groups Detected
26. 04. 2024 SOCnews
SOC News | Apr 26 – ArcaneDoor: A New Espionage Campaign
24. 04. 2024 SOCnews
SOC News | Apr 24 – Full AMMEGA Data Breach Published
See All

Related Content

Tags: , ,

30. 06. 2024 SOCnews

SOC News | June 30 – TeamViewer Victim of a Security Breach

TeamViewer, the popular remote access software developed by the company of the same name, discovered an irregularity in its internal IT environment on 26 June. They disclosed the potential breach in a statement the following day, stating that they had Read More
07. 06. 2024 Blue Team, SEC4U

Akira Ransomware: How to Make an Efficient Detection Rule

In this article, we're going to explore an example of the process used to perform the initial steps of creating ad hoc detection rules based on specific events that mark the world of cyber security. Specifically, starting from a real Read More
24. 05. 2024 SOCnews

SOC News | May 24 – Patch This Veeam Critical Vulnerability Now

On May 21, Veeam published details about four different vulnerabilities detected in their product Veeam Backup Enterprise Manager (VBEM). One of them is critical and allows an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface Read More
30. 04. 2024 SOCnews

SOC News | Apr 30 – New Cyber Attacker Groups Detected

During the last week of April, our Attacker Centric SOC detected multiple new cyber attacker group websites in the Dark Web. Called Dedicated Leak Sites (DLS), they are widely used by ransomware gangs to publish stolen confidential data when the victim Read More
26. 04. 2024 SOCnews

SOC News | Apr 26 – ArcaneDoor: A New Espionage Campaign

Cisco Talos identified a previously unknown state-sponsored actor behind ArcaneDoor, a sophisticated cyber espionage campaign targeting the perimeter network devices of several vendors. This actor is now tracked as UAT4356 by Talos and STORM-1849 by the Microsoft Threat Intelligence Center. The Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive