Threat Actor: The Nexus Squad | The Nexus Squad
Victim: Manila Health Department | Manila Health Department
Price: Listed for sale on a prominent hacking forum
Exfiltrated Data Type: Sensitive patient and employee records
Key Points :
- The breach occurred in July 2024.
- Compromised data includes usernames, names, dates of birth, appointment details, and 19,000 unique email addresses.
- Passwords were exposed in MD5 hash format, raising security concerns.
- Detailed patient records include ID, username, password, role, first and last names, health center affiliations, and more.
- The incident highlights significant vulnerabilities in the protection of sensitive health information in the region.
A threat actor claims to have leaked a database from the Manila Health Department, containing sensitive patient and employee records. The compromised data reportedly includes usernames, names, dates of birth, appointment details, and 19,000 unique email addresses.
According to the threat actor, the breach occurred in July 2024 and was initially brought to attention by a group called “The Nexus Squad.” The stolen data was subsequently listed for sale on a prominent hacking forum. In addition to the personal information, the breach also exposed passwords in MD5 hash format, further heightening security concerns.
The exposed database includes detailed patient records with fields such as ID, username, password, role, first and last names, health center affiliations, email addresses, dates of birth, and more. The breach represents a significant compromise of the Manila Health Department’s services, raising serious concerns about the protection of sensitive health information in the region.
The post Manila Health Department Allegedly Breached, Sensitive Patient and Employee Records Exposed appeared first on Daily Dark Web.