MedicSolution, a healthcare-software provider in Brazil, was hit by the KillSec ransomware group. Attackers stole over 34 GB of data across more than 94,000 files, including lab results, X-rays, unredacted patient images, and records of minors. The breach stemmed from exposed AWS S3 buckets, which appear to have been vulnerable for several months. Many of MedicSolution’s clients—clinics and medical practices that rely on its cloud services—now face risks to patient privacy and sensitive medical histories.

KillSec has also claimed similar breaches in other Latin American countries including Peru, Colombia, and the U.S., targeting healthcare-software platforms. Affected systems shared features such as misconfigured cloud storage, enabling attackers to enumerate and exfiltrate data. The article urges healthcare organizations to strengthen cloud security practices: regular monitoring of exposed resources, managing attack surface proactively, and ensuring third-party supply chain risks are assessed and mitigated.

‍

Source: https://www.darkreading.com/cyberattacks-data-breaches/killsec-ransomware-brazil-healthcare-software-provider