Months after the first MOVEit cybersecurity incident, new victims continue to be confirmed, with BORN Ontario, a Canadian government-funded birth registry, becoming the latest major agency to confirm that they have fallen victim to the Cl0p ransomware group.
According to a press statement, the hackers stole data on 3.4 million people seeking pregnancy care, treating fertility issues, as well as data on healthcare services provided to newborns and small children (approximately two million children).
The stolen data was collected from January 2010 until the May 2023 incident.
Knock strikes again
Additionally, hackers took names, dates of birth, mailing addresses and zip codes, as well as health card numbers. They also sampled dates of care and services, laboratory test results, pregnancy risk factors, type of birth, procedures, and pregnancy and birth outcomes and associated care.
The attack appears extensive and the data is extremely valuable, especially for those interested in identity theft and phishing.
While BORN Ontario placed the blame for the hack on Clop, the Russian threat actor that compromised the secure file transfer service MOVEit last spring, Clop has yet to list this organization on the leak site. Hundreds of victims have been added to the site so far.
At the same time, the organization’s spokespersons appear to be silent on the issue. When contacted by TechCrunch, BORN Ontario spokesperson Tammy Kuepfer did not return requests for comment. The organization did say it had notified police and Ontario’s privacy watchdog, the Information and Privacy Commissioner (IPC). This organization also did not comment on the news, other than to say that it was informed of the incident on June 14.
Whether or not BORN received a ransom demand and whether it paid it or not remains to be seen.
Through TechCrunch