Brazil’s healthcare system has become the latest victim of KillSec ransomware, a group notorious for exploiting supply chain vulnerabilities to maximize damage.
On September 8, 2025, KillSec claimed responsibility for a cyberattack on MedicSolution, a major healthcare software provider, threatening to leak sensitive data unless negotiations are opened. The attack highlights the growing risks for patients and institutions as cybercriminals increasingly target healthcare IT vendors.
According to Resecurity, the breach exposed over 94,000 files, totaling more than 34 GB of highly sensitive data, including medical evaluations, lab results, X-rays, unredacted patient photos, and records of minors.
By compromising MedicSolution’s platform — widely used by clinics and labs across Brazil — KillSec has multiplied its reach, affecting institutions such as Vita Exame, Clinica Especo Vida, Centro Diagnostico Toledo, and others. This attack follows a series of intrusions by KillSec in Colombia, Peru, and the United States, underscoring a regional wave of cyber aggression against healthcare providers.
Resecurity’s analysis revealed that the stolen data was found in exposed AWS cloud buckets, suggesting weak security protocols rather than sophisticated hacking. The lack of timely incident response left the data open to further exploitation, prompting CERT.br and Brazil’s National Data Protection Authority (ANPD) to step in.
Under Brazil’s LGPD data protection law, healthcare data is considered highly sensitive, and organizations face strict liability for breaches. Past rulings have resulted in significant damages, fines, and mandatory compliance measures.
The incident is a stark reminder of the healthcare sector’s vulnerability in the digital era. With the rapid adoption of electronic records and cloud-based services, hospitals and vendors remain prime targets for cybercriminals seeking to monetize stolen medical data on the dark web.
Unless robust audits, staff training, and security upgrades are implemented, Brazil’s healthcare ecosystem risks further erosion of patient trust and regulatory crackdowns.
