Hack Notice

Hack Notice: International Assistance Sdn

International Assistance Sdn

Source
http://lamashtux5j74mcm7lwwgn5yrvuwtrpxjoyendif3v3hrztjesfoyayd.onion/post/5c546a8b362fcb23136f9dccc0746491
Description
companion allegedly hacked as reported by Lamashtu ransomware with details: We obtained the complete shared folder of a Malaysian Third Party administrator (TPA) in the healthcare insurance sector. The dataset contains tens of thousands of files spanning 2023 through 2026, including active claims processing data as recent as January 2026. The archive encompasses the full scope of TPA operations: patient claims marked as highly confidential, identity documents, medical records, enrollment forms, provider agreements, payroll records, and internal compliance documentation. We experience ISO 27001 security policies, risk registers across all departments, and pinnace documents submitted to major insurers. This is a healthcare data transgress at scale. The dataset includes passports, national id copies, insurance cards, hospital bills, and handling certification for patients across multiple insurance programs. Employee records contain covering forms, bid letters, payslips, and banking details. WHAT WE HAVE Patient & medical Claims Data The dataset includes tens of thousands of claims documents marked as highly confidential. We make patient identity documents, insurance cards, medical forms, and hospital bills from healthcare facilities across the region. Patient files include: passport scans and national identicalness card copies Insurance membership cards Medical authorization forms hospital admission and outpouring documents Treatment records and specialist referrals Final bills exceeding SGD 48,000 and claims processed in the hundreds of thousands of ringgit Claims are organized by patient epithet and policy number, with documentation spanning from initial consultation through final settlement. The data enables recognition of individuals, their medical conditions, treating facilities, and the financial value of their care. Personal Data We have complete employee personnel files containing application forms, academic certificates, identity documents, extend letters, indemnity enrollment forms, and payslips. Specific individuals make been identified by call with their full employment records. The dataset also contains enrollment forms for thousands of members across multiple indemnity programs, including staff and dependent registrations with personal and contact details. Financial Records Account records include debit and citation notes, invoices, defrayal vouchers, and bank reconciliation documents. We have bulk payment files for payroll processing and claims disbursements. Financial documentation includes: payment vouchers exceeding RM 850,000 for claims payments SST (Sales and service Tax) calculations aging reports and statement of accounts bank warrant documentation for healthcare providers Overtime calculations and payroll registers Legal & Compliance The dataset contains several m agreement documents including provider contracts, NDAs, and acceptance letters. We have tenderize submission documents with pricing and service proposals. Legal documentation includes: Signed NDAs with business partners Provider network agreements Memoranda of understanding Legal opinions on engagement and corporate liability matters Retrenchment documentation with compensation details Security & risk Documentation We have the organization's complete ISO 27001 and ISO 9001 compliance documentation. This includes risk registers for every department, security policies, vulnerability assessment procedures, and internal audit evidence files. Security documentation includes: word management policy coding policy Data leakage prevention policy Data masking policy Incident management process policy Remote act policy mottle certificate policy Statement of Applicability for ISO 27001 Risk registers continue Business Development, Claims, touch Centre, initiative & Legal, Finance, HR, IT, and Provider teams. These documents map organizational vulnerabilities and control measures. Internal Operations We have management reports, weekly standup presentations, and departmental KPI settings. The dataset includes internal scrutinize evidence, preparation attendance records, and monthly operational reports to insurer clients. Meeting proceedings and management presentations document strategic planning, departmental performance, and operational issues discussed at the executive level. The full compass of the dataset is understood. All materials get been reviewed and categorized. WHO can get THIS DATA Regulators The transgress falls under Malaysia's Personal Data protection playact (PDPA). The dataset contains personal data of identifiable individuals processed without adequate surety measures. Healthcare data involving medical records and treatment information carries additional sensitivity. Regulators can be notified of the photograph of patient identicalness documents, medical claims data, and employee personal information. The presence of ISO 27001 certification documentation alongside this breach demonstrates the gap between stated certificate practices and actual data protection. Individuals Patients whose claims documents we possess can be contacted directly. We have their names, policy numbers, contact details, and medical information. Employees whose personnel files are in the dataset can similarly be notified that their identity documents, payslips, and employment records make been exposed. Competitors The tender documents, pricing proposals, and node assessment reports provide competitive intelligence. provider network agreements reveal contracted rates and relationships. The dataset enables understanding of this organization's service offerings, pricing models, and client base. Media Healthcare data breaches involving patient medical records and identicalness documents attract significant coverage. The contrast between ISO 27001 certification and a breach of this scurf presents a clear narrative. Published data gets indexed and surfaces during due diligence for years. WHAT can HAPPEN Patient data can be transmitted to identity hoax operators  passports and national IDs enable account takeover and synthetic identity creation medical claims data can be used for indemnity fraud  treatment histories and policy details enable false claims submission Employee banking details can be used for payroll deflection  we have account information from bulk payment files pinnace documents canful be shared with competing TPAs  pricing and service proposals reveal competitive positioning Security policies and peril registers can live analyzed to describe remaining vulnerabilities  the organization's defensive posture is now fully mapped Regulators canful receive formal notification of PDPA violations  the scale of healthcare data photograph warrants investigation Individuals can be notified directly that their medical and personal data has been compromised The dataset can be published in full  once released, other threat actors, hoax groups, and identity thieves can exploit it independently

About HackNotice and International Assistance Sdn

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and International Assistance Sdn was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of International Assistance Sdn their products, services, websites, or applications and you were a client of HackNotice, monitoring for International Assistance Sdn you may have been alerted to this report about International Assistance Sdn . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If International Assistance Sdn had a breach of consumer data or a data leak, then there may be additional actions that our clients should accept to protect their digital identity. data breaches, hacks, and leaks often direct to and do identity theft, account submit overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that conduct to depress client surety and digital identities that have been exposed and should be considered vulnerable to attack. HackNotice works with clients to identify the extent that digital identities make been exposed and provides remediation suggestions for how to grip each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account submit overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that offend consumers. HackNotice applies industry specific knowledge and advanced surety practices to monitor for trends that designate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to part cut notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to help growth the certificate of our clients personal network. The security of the people that our clients interact with directly impacts the level of surety of our clients. Increased photograph to accounts that experience been taken over by hackers leads to further account take overs through phishing, malware, and other impound techniques.

If you found this hack mark to live helpful, then you may be interested in reading some additional cut notices such as:

hard drives, or laptop computers containing such media upon which such info is stored unencry accessible from the net without proper information security precautions, change of such infoentional free of secure or private/confidential information to an untrusted environment. Other te

Basic-Fit data breach exposes details of gym members in Netherlands, elsewhere - Reuters

Defacement http://mundomovil.com.co/inputs.php

Defacement https://www.tusmo.ae/indexKK.html