[ddkdkdk343555]

Their main website: https://medcenter.ro/

- From https://www.linkedin.com/company/medcenter
MEDCENTER is one of the top five suppliers of private medical services in Romania, both clinical and laboratory.
At a glance:
  o Started in 1998
  o Owns a network of over 40 medical centers, laboratories, blood-collection locations
  o Around 6.000.000 laboratory tests yearly
  o Around 50.000 patients yearly
  o Around 40.000 medical subscriptions sold
  o Over 500 private companies as customers
  o Quality Management System certified according to SR EN ISO 9001:2015 standard
  o Medcenter Laboratories are RENAR accredited, according to SR EN ISO 15189:2013 standard

Industry: Hospitals and Health Care
Company size: 201-500 employees
Headquarters: București, România
Type: Privately Held

-
I've successfully hacked their Active Directory environment, obtained the domain administrator role, access the Network Attached Storage (encrypted & removed all backups), access the database servers, app servers (encrypted & removed them all).

-
The content of the data is sql databases (mostly patients' data, patients' health history record), documents of patients' data & backup of important virtual machines



-
Main website with the message telling they're under maintenance because of the hack





-
contact email for buying: ddkdkdk343555@proton.me

[johnsmith1924]

Their main website: https://medcenter.ro/

- From https://www.linkedin.com/company/medcenter
MEDCENTER is one of the top five suppliers of private medical services in Romania, both clinical and laboratory.
At a glance:
  o Started in 1998
  o Owns a network of over 40 medical centers, laboratories, blood-collection locations
  o Around 6.000.000 laboratory tests yearly
  o Around 50.000 patients yearly
  o Around 40.000 medical subscriptions sold
  o Over 500 private companies as customers
  o Quality Management System certified according to SR EN ISO 9001:2015 standard
  o Medcenter Laboratories are RENAR accredited, according to SR EN ISO 15189:2013 standard

Industry: Hospitals and Health Care
Company size: 201-500 employees
Headquarters: București, România
Type: Privately Held

-
I've successfully hacked their Active Directory environment, obtained the domain administrator role, access the Network Attached Storage (encrypted & removed all backups), access the database servers, app servers (encrypted & removed them all).

-
The content of the data is sql databases (mostly patients' data, patients' health history record), documents of patients' data & backup of important virtual machines



-
Main website with the message telling they're under maintenance because of the hack





-
contact email for buying: ddkdkdk343555@proton.me

This looks really big

[ddkdkdk343555]

Their main website: https://medcenter.ro/

- From https://www.linkedin.com/company/medcenter
MEDCENTER is one of the top five suppliers of private medical services in Romania, both clinical and laboratory.
At a glance:
  o Started in 1998
  o Owns a network of over 40 medical centers, laboratories, blood-collection locations
  o Around 6.000.000 laboratory tests yearly
  o Around 50.000 patients yearly
  o Around 40.000 medical subscriptions sold
  o Over 500 private companies as customers
  o Quality Management System certified according to SR EN ISO 9001:2015 standard
  o Medcenter Laboratories are RENAR accredited, according to SR EN ISO 15189:2013 standard

Industry: Hospitals and Health Care
Company size: 201-500 employees
Headquarters: București, România
Type: Privately Held

-
I've successfully hacked their Active Directory environment, obtained the domain administrator role, access the Network Attached Storage (encrypted & removed all backups), access the database servers, app servers (encrypted & removed them all).

-
The content of the data is sql databases (mostly patients' data, patients' health history record), documents of patients' data & backup of important virtual machines



-
Main website with the message telling they're under maintenance because of the hack





-
contact email for buying: ddkdkdk343555@proton.me

This looks really big

Yes, it's for sale

[johnsmith1924]

any sample of patient's data ?

[ddkdkdk343555]

any sample of patient's data ?

I do not know about romanian language, but, this should be at first glance

[johnsmith1924]

how did you hack them ?

[ddkdkdk343555]

how did you hack them ?

I hacked their Active Directory environment.

[ddkdkdk343555]

sample lab test of a patient

[johnsmith1924]

how did you hack them ?

I hacked their Active Directory environment.

any proofs beside databases ?

[ddkdkdk343555]

Some screenshots of RAT's RDP seeing what they're doing.

- They discovered that there're some unusual RDPs, so, they call the IT staff (gpanaIT) to see windows logon event



- Use hmsuser (a super domain) doing his health admin job everyday

--> The softwares (infoworld (https://www.infoworld.com/ ???) ...) used for health system in romania are old as expected. I think they have internet connections with other government entities in romania, but did not check