Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people.
The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited number of systems” and pull “certain information” stored within. That data includes a combination of people’s names, email addresses, dates of birth, medical record numbers, diagnosis and treatment information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Twitter breach exposed anonymous account owners
August 5, 2022
A vulnerability in Twitter’s software that exposed an undetermined number of owners of anonymous accounts to potential identity compromise last year was apparently exploited by a malicious actor, the social media company said Friday. It did not confirm a report that data on 5.4 million users was offered for sale online as a result but said ...
- Hacker selling Twitter account data of 5.4 million users for $30k
July 22, 2022
Twitter has suffered a data breach after threat actors used a vulnerability to build a database of phone numbers and email addresses belonging to 5.4 million accounts, with the data now up for sale on a hacker forum for $30,000. Yesterday, a threat actor known as ‘devil’ said on a stolen data market that the database ...
- Walmart-controlled flight booking service suffers substantial data leak
July 19, 2022
An Indian flight booking website majority-owned by US retail colossus Walmart has experienced a data breach, but is saying very little about what happened or the risks to customers. News of the breach emerged on Monday, when customers received a message. While the message to customers assures them that “no sensitive information pertaining to your Cleartrip account” ...
- 1.9m patient records exposed in healthcare debt collector ransomware attack
July 13, 2022
Professional Finance Company, a Colorado-based debt collector whose customers include hundreds of US hospitals, medical clinics, and dental groups, recently disclosed that private data – including names, addresses, social security numbers, and health records – for more than 1.9 million people was exposed during a ransomware infection. In a notice posted on its website, PFC ...
- RaHDIt hackers published data of Ukrainian spies
July 6, 2022
RaHDIt hackers have made public the data of one thousand employees of the Main Intelligence Directorate (GUR) of the military department of Ukraine. According to RIA Novosti, problems in protecting the networks of the Central Directorate of the Main Intelligence Directorate on Rybalsky Island in Kyiv helped in the formation of the database. Among the disclosed intelligence ...
- Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware
June 28, 2022
Trend Micro Research recently analyzed several cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. After investigating the chain of events, they found that many of these attacks resulted in data being exfiltrated from the infected systems. However, the researchers also found that some of the victims were infected ...