05/30/2014

#Rex Mundi hacks and steals data from a Belgian provider of software for Belgian and European e-health institutions

Nor the CERT incident line nor the FCCU telephone line are responding at this moment .....

This is the message from Rex Mundi

"Dear friends and foes,

We have hacked the servers of Xperthis, a Belgian software company which creates applications for hospitals 
and healthcare professionals. These applications are used mostly to maintain and store patient records.
You would therefore expect Xperthis to pay close attention to their servers' security. But, whoops, guess not. Among the data we have obtained are over 800 login credentials and emails of healthcare professionals in Europe. Of course, we offered Xperthis a way out, as we always do. So far, Xperthis has failed to reply to our messages.
They have, however, been smart enough to take their website down (xperthis.be). Xperthis has 2 days left to pay us. If not, well, we already informed them of
what we will do with the data currently in our possession. Rex Mundi
http://dpaste.com/265BQ65/

the other question that is even more important is if they have administrative data of the technicians because they have access to most of the network through VPN and so on - but if there is no double authentification and you only use the login than that is no protection at all

another question - as they say that they have several data - is if they have been able to steal the code of these applications so you can look at ease at bugs and security vulnerabilities that could be exploited one day

if some of that code is patented or really something important than there is also the survival of the company itself that may be at stake

he's clearly asking for a lot of attention

and the website of experthis is ..... Under maintenance

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.