FILTERING BY: CLEAR FILTER

One Medical Amazon Alleged 8.8 TB Data Exfiltration by ShinyHunters

Threat actor group ShinyHunters claims the exfiltration of 8.8 terabytes of sensitive data from One Medical, a healthcare provider owned by Amazon. The breach targets the intersection of cloud-scale infrastructure and Protected Health Information (PHI), posing severe risks of medical identity theft and regulatory non-compliance. While the specific initial access vector remains under investigation, the scale of the exfiltration suggests a significant compromise of backend storage, database systems, or cloud snapshots. The incident is currently in an active extortion phase, with the threat actor demanding payment to prevent the public release of sensitive patient records.

DentaQuest Data Breach: 2.6 Million Dental Member Records Exfiltrated

DentaQuest, a major dental benefits administrator, has suffered a significant data breach resulting in the exfiltration of approximately 234GB of sensitive records belonging to 2.6 million members. Attributed to the threat actor group ShinyHunters, the breach includes high-value Protected Health Information (PHI), dental insurance records, and Personally Identifiable Information (PII). While the specific initial access vector—potentially involving credential theft, zero-day exploitation, or cloud misconfigurations—is still being determined, the incident presents an acute risk for medical identity theft and sophisticated phishing campaigns. Immediate forensic investigation into lateral movement and data egress protocols is critical for remediation and regulatory compliance.


LINK COPIED TO CLIPBOARD