The Killsec ransomware group has allegedly targeted AVA Senior Connect, a US-based communication platform designed for senior living communities. The company provides software that streamlines daily operations and interactions between staff, residents, and their families, handling sensitive functions like request management and dining coordination. The ransomware group has added AVA Senior Connect to its data leak site, threatening to release all stolen data if their ransom demands are not met and starting a seven-day countdown.
As proof of the breach, the threat actors have already published numerous documents allegedly exfiltrated from the company’s systems. An initial review of the leaked files reveals a trove of highly sensitive personal information belonging to both residents and staff of the facilities using the software. The exposed data allegedly includes:
- Meal order forms containing names, contact information, and specific location details.
- Caregiver notes and billing sheets, detailing personal care and services provided.
- Signed “Permission to Treat” medical consent forms.
- Training certificates and other internal documents.
