Millions of newborn child registry data entries stolen by another MOVEit hack

Ontario’s state child registry organization was breached

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Months after the initial MOVEit cybersecurity incident, new victims are still being confirmed, with BORN Ontario, a Canadian government-funded birth registry, the latest big agency to confirm falling victim to the Cl0pransomwaregroup.

As per a press statement, the hackers stole data on 3.4 million people who sought pregnancy care, addressed fertility issues, as well as data on healthcare services provided to newborns and small children (roughly two million children).

The data stolen was collected from January 2010 until the incident in May 2023.

Clop strikes again

Furthermore, hackers took names, birth dates, postal addresses, and postal codes, as well as health card numbers. They also stole dates of care and service, lab test results, pregnancy risk factors, type of birth, procedures, and pregnancy and birth outcomes and associated care.

The attack seems extensive and the data extremely valuable, especially for those interested inidentity theftand phishing.

While BORN Ontario laid the blame for the hack on Clop, the Russian threat actor that compromised the secure file transfer service MOVEit last spring, Clop is yet to list this organization on its leak site. So far, hundreds of victims have been added to the site.

At the same time, the organization’s spokespersons seem to be quiet on the matter. When reached out to by TechCrunch, BORN Ontario spokesperson Tammy Kuepfer did not return any requests for comment. The organization did say it notified the police as well as Ontario’s privacy watchdog, the Information and Privacy Commissioner (IPC). This organization also did not comment on the news, other than saying that it was notified of the incident on June 14.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Whether or not BORN received a ransom demand, and if it paid it or not - remains to be seen.

ViaTechCrunch

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics