September 10, 2025 By Pierluigi Paganini
KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil.
The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity, the root cause of the incident – data exfiltration from insecure AWS S3 bucket. Considering the investigation performed by cybersecurity experts, the window of exposure can be estimated at ‘several months.’ Probably, this is the first notable supply chain incident affecting the healthcare industry in Brazil.
Notably, it is not the first time the ransomware group has targeted Brazil. Some time ago, the actors leaked personal and business data containing CNPJ/CPF identifiers, transaction amounts, banking information, and other data from government resources in Brazil. At that time, the group did not clarify the full scope of the breach or its possible source. KillSec Ransomware was known for both confirmed incidents and fakes or speculations.
