Ransomware Group: BABUK2

VICTIM NAME: misaludhealth[.]com By Babuk Locker 2[.]0

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BABUK2 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertaining to MiSalud Health reveals sensitive details regarding their operations and the extent of their data security failures. MiSalud Health is identified as a major player in the digital health sector, specializing in bilingual telehealth services. Despite being a well-funded company with over $71.7 billion accumulated from investors, including notable entities, the page highlights significant vulnerabilities in their cybersecurity protocols. This includes alarming issues such as plain text passwords and open FTP servers that jeopardize patient confidentiality and data integrity. The page suggests that their lax security measures are contrary to the expectations that come with substantial investments in technology and healthcare services.

The leak specifies that MiSalud Health hosts critical medical data unsecurely on local servers, further exacerbating the risk of data breaches. It has been described as having one of the worst server setups observed, leading to queries about the company’s commitment to safeguarding its users’ information. Additionally, the leak page mentions a significant volume of data at risk, with 1.7 Terabytes threatening to be published unless the company engages in negotiations. The presence of a single image on the page suggests further evidence of the company’s vulnerabilities or data mishandling, although the specifics of the image remain unlisted. Overall, the leak serves as a cautionary tale concerning the protection of health-related data among high-profile healthcare providers.