Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people.
The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited number of systems” and pull “certain information” stored within. That data includes a combination of people’s names, email addresses, dates of birth, medical record numbers, diagnosis and treatment information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Grindr facing UK lawsuit over alleged data protection breaches
April 22, 2024
Gay dating app Grindr is facing a mass data protection lawsuit in London from hundreds of users who allegedly had their private information, including HIV status, shared with third parties without consent, a law firm said on Monday. Austen Hayes, which said the lawsuit is being filed at London’s High Court, said thousands of Grindr users ...
- MITRE says it was hit by hackers exploiting Ivanti flaws
April 22, 2024
The not-for-profit research and development organization MITRE suffered a cyberattack early this year, with the attack apparently hindering some operations, but there was no talk of stolen data. In a breach notification published on the MITRE website late last week, CEO and president Jason Providakes explained what happened and what the organization was doing about it. Read ...
- Discord’s updated Terms of Service are exactly the wrong response to its recent data breaches
April 20, 2024
It seems that Discord has been in the news for one reason or another lately, ranging from layoffs to massive privacy breaches and information theft by third parties. And now there’s something new on the horizon — one that may not seem like such a huge deal now but could cause massive issues later on down ...
- Singapore: Personal information of parents, staff at 127 schools accessed in data security breach
April 20, 2024
A data breach at one of its vendors has resulted in the “unauthorised access” of names and email addresses of parents and staff from five primary and 122 secondary schools, the Ministry of Education (MOE) said on Friday (Apr 19). MOE said it was notified by Mobile Guardian that its user management portal had been breached ...
- Cisco Duo says a third-party data breach stole MFA SMS logs
April 16, 2024
Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Unidentified threat actors mounted a phishing attack against the third party, through which they stole login ...
- Giant Tiger breach sees 2.8 million records leaked
April 16, 2024
When asked, they posted a small snippet as proof. The download of the full database is practically free for other active members of that forum. In March, one of Giant Tiger‘s vendors, a company used to manage customer communications and engagement, suffered a cyberattack, which impacted Giant Tiger, as reported by CBC. The retailer first learned ...