Hospital Universitario Del Valle (HUV), a major public teaching hospital located in Cali, Colombia, has allegedly been compromised by a threat actor on a known cybercrime forum. The unidentified actor claims to have exfiltrated a significant amount of highly sensitive patient data and is currently attempting to sell the database for $500.
According to the actor, the allegedly compromised data includes 264,454 lines and documents, totaling approximately 25 GB of personal and medical information. The allegedly stolen data includes:
-
Record IDs and License numbers
-
Report UUIDs
-
Full names (first and last separated)
-
Document types and numbers
-
Birth dates and ages
-
Genders
-
Phone numbers
-
Addresses (including Municipality, Department, and Country)
-
Associated institutions and branches
-
History numbers
-
Treating physicians and registry details
-
Service, Ward, and Bed information
-
Full clinical lab results (including HIV, Rheumatoid Factor, ANA, Anti-DNA, Cholesterol, Glucose, Creatinine, Electrolytes, CBC, Coagulation, Troponin, etc.)
-
Sample dates (requested, collected, received, validated, printed)
-
Responsible bacteriologists and registry details
-
Radiographs
