Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people.
The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited number of systems” and pull “certain information” stored within. That data includes a combination of people’s names, email addresses, dates of birth, medical record numbers, diagnosis and treatment information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- 1.1M Compromised Accounts Found at 17 Major Companies
January 5, 2022
There have been more than 1.1 million online accounts compromised in a series of credential-stuffing attacks against 17 different companies, according to a New York State investigation. Credential-stuffing attacks, such as last year’s attack on Spotify, use automated scripts to try high volumes of usernames and password combinations against online accounts in an effort to take ...
- Morgan Stanley agrees to $60 million settlement in data breach lawsuit
January 5, 2022
Morgan Stanley has agreed to a settlement figure of $60 million to resolve a data breach lawsuit. The US bank and financial services giant was subject to a class-action suit following two data exposure incidents involving approximately 15 million current and former clients. According to the motion (.PDF), legacy equipment was decommissioned in 2016 and 2019 that ...
- Data breach: Broward Health warns 1.3 million patients, staff of ‘medical identity theft’
January 3, 2022
This weekend, the Broward Health hospital system notified more than 1.3 million patients and staff members that their personal information was involved in a data breach that started on October 15. In a statement on Saturday, the Florida hospital system said that in addition to names, addresses and phone numbers, Social Security numbers, bank account information ...
- Top 10 healthcare breaches in the U.S. exposed data of 19 million
December 31, 2021
The healthcare sector has been the target of hundreds of cyberattacks this year. A tally of public data breach reports so far shows that tens of millions of healthcare records have been exposed to unauthorized parties. Most of the largest data breaches result from ransomware attacks and the first ten of them account for more than ...
- T-Mobile confirms SIM swapping attacks led to breach
December 30, 2021
T-Mobile has confirmed a data breach that was caused in part by SIM swapping attacks, according to a statement from the company. The T-Mo Report, a blog tracking T-Mobile, obtained internal reports showing that some data was leaked from a subset of customers. Some individuals had their customer proprietary network information (CPNI) leaked, which includes information about ...
- Fintech firm hit by log4j hack refuses to pay $5 million ransom
December 29, 2021
One of the largest Vietnamese crypto trading platforms, ONUS, recently suffered a cyber attack on its payment system running a vulnerable Log4j version. Soon enough, threat actors approached ONUS to extort a $5 million sum and threatened to publish the customer data should ONUS refuse to comply. After the company’s refusal to pay the ransom, threat actors ...