Monday, May 6, 2024

Vogon Today

Selected News from the Galaxy

StartMag

This is how the data stolen from the Ministry of Health ended up on sale on Telegram

1 year ago babelfish

This is how the data stolen from the Ministry of Health ended up on sale on Telegram

As many as 37 gigabytes of data stolen from the Italian Ministry of Health concerning 3 million citizens are in the hands of criminals who try to sell them in chat. What's going on

There is an issue that risks embarrassing the executive, although at the moment it is still undefined: 37 gigabytes of data have been stolen from the Ministry of Health and put up for sale in a Telegram channel. The first to find out was Sofia Scozzari , CEO of HackManac, a company specializing in cybersecurity, who then denounced the matter via Twitter, emphasizing how to make the sale concrete, criminals are willing to grant potential customers "appetizers" useful for testing the quality of the goods in their possession.

WHAT WE KNOW ABOUT THE DATA STOLEN FROM THE MINISTRY OF HEALTH

At the moment, as we said, information is scarce. Yet there would be many questions: what's in the 37 gigs that ended up on the black market? What type of information was leaked, when (it could possibly be so old that it doesn't matter much) and by what means? For the moment we know that they affect over 3 million people.

The information, Scozzari explains in the post, is sold on demand in the KevinSecurity channel which has over 7,000 members. Perhaps the name of KelvinSecurity made you ring a bell: the group of cybercriminals had already sold stolen data of Vodafone users in Italy in 2022. In that case the information stolen was even more numerous: in all 309 gigabytes.

Thanks to an exchange of messages between HackManac and a user willing to buy the stolen data in exchange for cryptocurrencies, it was discovered that the origin of this database points precisely to the Ministry of Health. Among the samples provided, several data would concern the hospital of Alessandria, but it is not possible to say that it is the only database violated or if the stolen goods are the result of multiple criminal actions committed against a larger number of public entities, always in the medical field which, we recall, manages the most sensitive information in absolute accordance with what is established by the constant doctrine and administrative jurisprudence.

(article updated at 4.30pm)

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/ecco-come-i-dati-rubati-al-ministero-della-salute-sono-finiti-in-vendita-su-telegram/ on Thu, 13 Apr 2023 14:36:34 +0000.