CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

KillSec Ransomware Attack on Brazilian Healthcare Software Provider MedicSolution

First reported
Last updated
πŸ“° 1 unique sources, 1 articles

Summary

Hide β–²

KillSec ransomware group attacked MedicSolution, a Brazilian healthcare software provider, on September 8, 2025. The group exfiltrated over 34GB of sensitive data, including lab results, X-rays, and patient records, from insecure AWS S3 buckets. The breach impacts patients whose data is hosted on MedicSolution's cloud services. KillSec threatens to leak the data unless a ransom is paid. The attack highlights the risks of supply chain compromises in the healthcare sector. The group has also targeted healthcare institutions in the US, Peru, and Colombia, and previously leaked data from Doctocliq, a healthcare software platform in Peru. The attack underscores the growing trend of cybercriminals exploiting exposed cloud resources, particularly in regions with high digitization and economic activity.

Timeline

  1. 15.09.2025 23:28 πŸ“° 1 articles Β· ⏱ 1d ago

    KillSec Ransomware Group Attacks Brazilian Healthcare Software Provider MedicSolution

    On September 8, 2025, the KillSec ransomware group attacked MedicSolution, a Brazilian healthcare software provider. The group exfiltrated over 34GB of sensitive data, including lab results, X-rays, and patient records, from insecure AWS S3 buckets. The breach impacts patients whose data is hosted on MedicSolution's cloud services. The group threatens to leak the data unless a ransom is paid. The attack highlights the risks of supply chain compromises in the healthcare sector and the growing trend of cybercriminals exploiting exposed cloud resources.

    Show sources
    Open in new tab

Information Snippets