Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people.
The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited number of systems” and pull “certain information” stored within. That data includes a combination of people’s names, email addresses, dates of birth, medical record numbers, diagnosis and treatment information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Over 77,000 customers’ personal information is exposed in Fidelity Investments data breach
October 12, 2024
Fidelity Investments reported in a filing with Maine’s attorney general that an unnamed third party accessed information from its systems using two recently established customer accounts. It did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers. The breach occurred between Aug. 17 and 19 ...
- National Public Data Files for Bankruptcy Following Massive Data Breach
October 11, 2024
Jerico Pictures, the parent company of National Public Data (NPD) and the center of a massive data breach that exposed the personal data of an estimated 2.7 billion people, has filed for Chapter 11 Bankruptcy. National Public Data is a background check company that allows its customers to search billions of records with instant results. The ...
- Internet Archive data breach exposes more than 31 million user accounts
October 11, 2024
The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that reportedly exposed 31 million user accounts. Founder Brewster Kahle confirmed in a post on the social media platform X that a cyberattack on Tuesday knocked the website offline. He also said that usernames, emails, and encrypted ...
- API Security Exposed: The Role of API Vulnerabilities in Real-World Data Breaches
October 10, 2024
This Trend Micro research discusses real-world API vulnerabilities and shows the risks companies face every day. We start our journey with two popular API gateways: APISIX and Kong. The researchers found over 600 APISIX instances and hundreds of thousands of Kong gateways accessible online. Each one is a door waiting for attackers to knock. However, the ...
- European government systems hit by air-gap malware attack
October 9, 2024
In the last five years, hackers managed to steal sensitive information from air-gapped systems belonging to different European governments on at least three separate occasions. An air-gapped system is a computer or network that is physically isolated from unsecured networks, such as the internet, to prevent unauthorized access and enhance security. Still, crooks managed to steal ...
- MoneyGram data breach included Social Security numbers, government documents, bank and other sensitive data
October 9, 2024
MoneyGram is back online after a cybersecurity breach disrupted services and compromised personal information. Between September 20 and 22, an “unauthorized third party” accessed and acquired the personal data of certain MoneyGram customers, the company said, leaving users unable to access their accounts. The money-sending service provided an update this past Monday, confirming that systems are ...