Chum1ng0 - Security Research 

@[email protected]
142 Followers
131 Following
822 Posts

#Chile-, Independent Researcher covering #hacktivism, #ransomware, #cybersecurity, #leaks, and data breaches in Latin America. #LATAM

You can subscribe to my newsletter dedicated to #cybersecurity, data breaches, misconfigurations, and #hacktivism in Latin America, created & edited by @chum1ng0

Newsletter: https://newschu.substack.com

#misconfigurations #leak #cybersecurity #dataleak #databreach #privacy

Newsletterhttp://newschu.substack.com
correo[email protected]
X(ex-Twitter)https://twitter.com/chum1ng0
Can you buy me a coffee?https://buymeacoffee.com/chum1ng0
Write-upshttps://write-ups.security-chu.com
##Bloghttps://www.security-chu.com
Chum1ng0 - Security Research Jun 8
Chum1ng0 - Security Research Jun 5

Qilin is extorting the clinic with threats to release patients’ personal and clinical information

https://www.security-chu.com/2026/06/el-grupo-de-ransomware-qilin-publico-en.html

#databreach #Chile #cl #ransomware #health #Healthcare

Chile: Ransomware Qilin extorsiona a la clinica Maitenes con publicar 800GB de datos

Ciberseguridad-Noticias- Latinoamérica: La Clínica no ha dado ningún comunicado sobre este incidente.

Chum1ng0 - Security Research Jun 5

Qilin is extorting the clinic with threats to release patients’ personal and clinical information

https://www.security-chu.com/2026/06/el-grupo-de-ransomware-qilin-publico-en.html

#databreach #Chile #cl #ransomware #health #Healthcare

Chile: Ransomware Qilin extorsiona a la clinica Maitenes con publicar 800GB de datos

Ciberseguridad-Noticias- Latinoamérica: La Clínica no ha dado ningún comunicado sobre este incidente.

Chum1ng0 - Security Research Jun 5
Chum1ng0 - Security Research Jun 3

California Back & Pain Specialists exposed 133GB of patient PHI on a public server (3,400+ driver’s licenses + full medical records).

After responsible disclosure, AWS took it offline. Company remains silent.

#DataBreach #CyberSecurity #HIPAA #ResponsibleDisclosure #Healthcare

Full report

https://write-ups.security-chu.com/2026/06/California-Back-Pain-Specialists-with-data-breach.html

@PogoWasRight

US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server

RESUME This report discloses a severe security misconfiguration in a publicly exposed server belonging to California Back & Pain Specialists...

Write.ups-security-chu.com
Chum1ng0 - Security Research Jun 3

California Back & Pain Specialists exposed 133GB of patient PHI on a public server (3,400+ driver’s licenses + full medical records).

After responsible disclosure, AWS took it offline. Company remains silent.

#DataBreach #CyberSecurity #HIPAA #ResponsibleDisclosure #Healthcare

Full report

https://write-ups.security-chu.com/2026/06/California-Back-Pain-Specialists-with-data-breach.html

@PogoWasRight

US: California Back & Pain Specialists Exposes 133GB of Patient Medical Records on Public Server

RESUME This report discloses a severe security misconfiguration in a publicly exposed server belonging to California Back & Pain Specialists...

Write.ups-security-chu.com
Chum1ng0 - Security Research Jun 3
Chum1ng0 - Security Research May 24

Sometimes I’ve found myself banging my head against the keyboard trying to contact companies to help them fix their misconfigurations and exposed servers.

After several frustrating experiences, I decided to create my own clear and structured Responsible Disclosure methodology.

Today I’m sharing it with you 👇

This flow represents how I handle vulnerabilities — always prioritizing ethical contact, escalation when necessary, and only publishing write-ups once the issue is fixed.

Opinions and constructive feedback are more than welcome. Have you faced similar situations? What’s your approach?

https://write-ups.security-chu.com/p/my-methodology.html

#ResponsibleDisclosure #Cybersecurity #SecurityResearch

Chum1ng0 - Security Research May 24

Sometimes I’ve found myself banging my head against the keyboard trying to contact companies to help them fix their misconfigurations and exposed servers.

After several frustrating experiences, I decided to create my own clear and structured Responsible Disclosure methodology.

Today I’m sharing it with you 👇

This flow represents how I handle vulnerabilities — always prioritizing ethical contact, escalation when necessary, and only publishing write-ups once the issue is fixed.

Opinions and constructive feedback are more than welcome. Have you faced similar situations? What’s your approach?

https://write-ups.security-chu.com/p/my-methodology.html

#ResponsibleDisclosure #Cybersecurity #SecurityResearch

Chum1ng0 - Security Research May 24
Chum1ng0 - Security Research May 16

INSDUBAI: Motor insurance policies, data of insured persons was exposed on an unprotected server.

This report details a misconfiguration in a publicly exposed server containing sensitive files belonging to policyholders in the United Arab Emirates.

After responsible disclosure to the affected entities and the UAE Cybersecurity Center, the server was taken offline, thereby securing the policyholders’ data.

No response was received from the involved parties; the server was simply closed.

https://write-ups.security-chu.com/2026/05/insdubai-data-breach-incident.html

#cybersecurity #databreach #UAE

insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server

The page no longer exists; the server that displayed documents from policyholders of various insurance companies has been shut down. RESUME ...

Write.ups-security-chu.com
Chum1ng0 - Security Research May 24
Chum1ng0 - Security Research May 20

I've compiled a complete index of my write-ups documenting misconfigurations and accidental data exposures across multiple countries.

Covering organizations in Chile, UAE, China, Finland, New Zealand, USA, Vietnam, Sri Lanka, and more.

Over 20 public reports of unprotected servers, open buckets, and exposed backups.

Full index → https://write-ups.security-chu.com/p/indexes.html

#CyberSecurity #InfoSec #DataBreach #Misconfiguration

Chum1ng0 - Security Research May 20

I've compiled a complete index of my write-ups documenting misconfigurations and accidental data exposures across multiple countries.

Covering organizations in Chile, UAE, China, Finland, New Zealand, USA, Vietnam, Sri Lanka, and more.

Over 20 public reports of unprotected servers, open buckets, and exposed backups.

Full index → https://write-ups.security-chu.com/p/indexes.html

#CyberSecurity #InfoSec #DataBreach #Misconfiguration

Chum1ng0 - Security Research May 16

INSDUBAI: Motor insurance policies, data of insured persons was exposed on an unprotected server.

This report details a misconfiguration in a publicly exposed server containing sensitive files belonging to policyholders in the United Arab Emirates.

After responsible disclosure to the affected entities and the UAE Cybersecurity Center, the server was taken offline, thereby securing the policyholders’ data.

No response was received from the involved parties; the server was simply closed.

https://write-ups.security-chu.com/2026/05/insdubai-data-breach-incident.html

#cybersecurity #databreach #UAE

insdubai.com: Motor insurance policies, data of insured persons was exposed on an unprotected server

The page no longer exists; the server that displayed documents from policyholders of various insurance companies has been shut down. RESUME ...

Write.ups-security-chu.com