Dissent Doe  6d ago

Also NEW by me:

"If threat actors gave you a chance to redact the patient data they hacked before they leak it, would you take them up on the offer? Read about the Woundtech incident."

I've never encountered any threat actors spending so much time redacting patient data before they leak it -- and even giving their victim the opportunity to redact the hacked data tranche before the threat actors leak it.

Read more about this one at:

https://databreaches.net/2026/03/23/if-threat-actors-gave-you-a-chance-to-redact-the-patient-data-they-hacked-before-they-leak-it-would-you-take-them-up-on-the-offer-read-about-the-woundtech-incident/

#databreach #healthsec #woundtech #cybersecurity #redaction #incidentresponse #FulcrumSec

@zackwhittaker @campuscodi @euroinfosec @DysruptionHub @amvinfe

Show threadamvinfe5d ago

@PogoWasRight @zackwhittaker @campuscodi @euroinfosec @DysruptionHub

I had never come across groups willing to redact sensitive data, nor had I ever seen a group offer to do so directly to its victim. As you point out, there is no certainty regarding FulcrumSec’s claims, but apparently there are no denials either.
If all of this were true, we would be dealing with an entity that was negligent both at the IT level and at the managerial level - and, above all, remarkably irrational.
I struggle to understand the logic behind their choices: they were willing to pay to prevent the data from being exposed, but not when it came to having it redacted? What kind of sense does that make?

Show threadDysruptionHub4d ago

@amvinfe @PogoWasRight @zackwhittaker @campuscodi @euroinfosec

That was a good read.

I’m guessing their lawyers probably told them that legally it was a HIPAA spill, regardless of the redaction efforts, and any cooperation could probably expose them to even more liability. So from their perspective, there was no benefit in cooperation, even if it might have been the moral choice.

Show threadSiguza4d ago
@DysruptionHub @PogoWasRight new strat just dropped: present your victims with multiple options that have different legal/regulatory consequences for them, until they lose their sanity
Show threadDissent Doe  

@siguza @DysruptionHub

I blogged about this because I am really curious about how this plays out from the perspectives of patients, legal counsel for breached entities, HHS OCR, cyberinsurers, and juries if a case ever went to trial.

Is this a Hobson's Choice for them?

Mar 25 at 2:07amWeb