Info Data Leak

Alleged Maxicare Philippines Data Breach Exposes Sensitive Personal and Booking Information

kukublanPH

Manila, Philippines – An alleged data breach involving Maxicare Philippines has been identified by the Deep Web Konek Team. The breach, carried out by a threat actor known as “OPCODE-90,” resulted in the unauthorized scraping of authenticated data.

The compromised file, sized at 33.3 MB, contains over 22,800 lines of sensitive information and is reportedly being sold to the first three buyers.

The breach exposed detailed personal and booking information, including:

  • Sender Details: First name, middle name, last name, unit/vendor, company, email, and Go Rewards code.
  • Member Details: First name, middle name, last name, company name, 16-digit Maxicare card number, corp code, account type, date of birth, sex, mobile numbers, email address (for confirming schedules and sending results), other remarks, and VIP status.
  • Member Booking Details: Province, country, ZIP code, city, barangay, street, village/subdivision, landmark, preferred dates and times, and a list of requested procedures.

Affected Companies

Over 1,000 major companies were affected, including:

  • ABS-CBN Corporation
  • Accenture, Inc.
  • Acer Philippines Inc.
  • Acquire Asia Pacific Philippines Inc.
  • Afni Philippines Inc.
  • AIA Philippines Life and General Insurance Company Inc.
  • Allianz PNB Life Insurance Inc.
  • Atlassian Philippines, Inc.
  • Bayer Business Services Philippines Inc.
  • BPI AIA Life Assurance Corporation (formerly BPI Philam Life Assurance Corp BPLAC)
  • Canva Solutions Inc.
  • Cebu Air, Inc.

Notification from Maxicare

On June 16, 2024, Maxicare Philippines issued a notification to affected members regarding the data breach, which occurred on June 13, 2024. Unauthorized access was gained to personal information submitted to Lab@Home, a third-party provider for laboratory requests from home. While Lab@Home maintains a separate database and is not integrated with Maxicare’s systems, the breach still impacts Maxicare members. Maxicare is taking measures to minimize further risk and keep members informed about the incident.

Stay informed, stay safe. Team

Source: https://kukublanph.data.blog/2024/06/18/alleged-maxicare-philippines-data-breach-exposes-sensitive-personal-and-booking-information/

Tags: EMAIL, BREACH, MOBILE