A significant data breach has allegedly struck a major Brazilian healthcare organization. The victim has been identified as the Federação das Santas Casas e Hospitais Filantrópicos de Minas Gerais (Federassantas), the federation representing non-profit and charitable hospitals in the state of Minas Gerais, Brazil. This organization plays a crucial role in the region’s healthcare system, coordinating and supporting numerous medical institutions. A threat actor has posted claims of the breach on a dark web forum, asserting they have exfiltrated a large volume of sensitive information.
The incident, which the perpetrator claims occurred on or around July 28, 2025, allegedly resulted in the theft of a comprehensive dataset spanning from 2017 to 2025. The threat actor is threatening to leak the full database if their demands for payment are not met, a common tactic in data extortion schemes. The data posted on the forum allegedly includes:
- Emails
- Passwords
- Travel expenses, fuel, food, social gatherings, and employee payments
- IPs, logs, and addresses
- Complete data on all member hospitals, including payment and default information
This breach poses a severe risk not only to the federation’s operations but also to its member hospitals and their employees. The exposure of such detailed financial, personal, and operational information could lead to widespread fraud, targeted phishing attacks, and significant disruption to essential healthcare services across the state of Minas Gerais. The incident underscores the increasing targeting of critical infrastructure, particularly the healthcare sector, by cybercriminals.
