Dermatology management services giant QualDerm suffered a cyberattack in late 2025 which saw it lose sensitive personal and healthcare data on more than three million people.
The company is now notifying affected individuals by mail, noting in a breach notification letter that between December 23 and 24, 2025, a threat actor managed to access “a limited number of systems” and pull “certain information” stored within. That data includes a combination of people’s names, email addresses, dates of birth, medical record numbers, diagnosis and treatment information.
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Data of 33 million people in France stolen in its largest ever cyberattack
February 8, 2024
Over 33 million people in France – nearly half of its population – have been impacted by the country’s biggest-ever cyberattack. Two French service providers for medical insurance companies were targetted, with the companies admitting that millions of people’s data were exposed to the hackers. Read more… Source: MSN News
- Python Info-stealer Distributed by Malicious Excel Document
February 5, 2024
In January 2024, FortiGuard Labs obtained an Excel document distributing an info-stealer. From the fingerprints in this attack, it is related to a Vietnamese-based group that was first reported on in August 2023 and again in September. The attack stages before the info-stealer are simple downloaders that increase the difficulty of detection. This article introduces each stage ...
- Classified Japanese diplomatic info leaked after Chinese cyberattacks in 2020
February 5, 2024
Classified Japanese diplomatic information was leaked following Chinese cyberattacks on the Foreign Ministry in 2020, a government source said Monday, exposing the nation’s digital vulnerability. Japan detected the large-scale attack and release of diplomatic telegrams during a period of government under then Prime Minister Shinzo Abe, the source said, but the nature of the leaked information ...
- Europcar’s Alleged Data Breach Wasn’t Done Using AI, Experts Argue
February 2, 2024
French car rental company Europcar made headlines earlier this week following reports of an alleged data breach affecting nearly 50 million customers. Cyber security platform HackManac reported the incident on January 30th, noting that the stolen database containing usernames, passwords, full names, addresses, and several other user-identifying information had been listed for sale on a hacking ...
- Cloudflare blames previous Okta breach for November 2023 cyberattack
February 2, 2024
Cloudflare is laying the blame for the cyberattack it suffered late last year the after-effects of the critical Okta breach. The content delivery service provider has published a blog post detailing the cybersecurity incident it suffered on Thanksgiving Day 2023, noting that on November 23, 2023, a threat actor accessed the company’s self-hosted Atlassian server. Read more… Source: ...
- Former CIA employee sentenced to 40 years in prison after carrying out largest data leak in agency’s history
February 1, 2024
A former CIA employee was sentenced to 40 years in prison after carrying out the largest data leak in the agency’s history, the US Attorney’s Office of the Southern District of New York announced Thursday. Joshua Schulte – who was accused of handing over reams of classified data to WikiLeaks in 2016 – was convicted in ...