Sernac demands details from Clínica Dávila after massive data leak

Chile's National Consumer Service (Sernac) has issued a formal request to Clínica Dávila following a cyberattack that leaked about 250 gigabytes of sensitive patient data. The agency demands detailed information within 10 business days on the incident, attributed to a foreign ransomware group named Devman. Compromised data includes clinical records, diagnoses, and medical test results, such as HIV screenings.

Chile's National Consumer Service (Sernac) has stepped in regarding a serious cybersecurity incident at Clínica Dávila and Servicios Médicos S.A., where a hack led to the exfiltration of roughly 250 gigabytes of confidential patient information. The attack, linked to the foreign ransomware group Devman, exposed clinical files, medical diagnoses, sensitive test results including HIV screenings, identity card copies, and operational databases of the facility.

Sernac has required the clinic to provide within 10 business days a timeline of the incident, the total number of affected patients broken down by data type, existing security measures at the time of the breach, and the attack vector used. It also seeks details on containment actions, notification methods to those impacted, received complaints, and preventive steps for future threats. The clinic must state its stance on potential civil and administrative liabilities.

The agency stressed that data protection is a core right under the Consumer Protection Law (LPC). Failure to meet the deadline could prompt judicial and administrative actions from Sernac. It urged possible victims to file claims through the Consumer Portal using Clave Sernac or ClaveÚnica, or via phone and in-person channels nationwide.

This episode highlights the fragility of healthcare systems to cyber threats, emphasizing the importance of strong security protocols to protect patient privacy.

Связанные статьи

Illustration of ANCI-confirmed cyber infiltration in Chilean public agency due to stolen credentials, featuring hacker screens and government imagery.
Изображение, созданное ИИ

ANCI confirms infiltration in public agency due to stolen credentials

Сообщено ИИ Изображение, созданное ИИ

Chile's Agencia Nacional de Ciberseguridad (ANCI) detected an infiltration in a public agency after a staff member's login credentials were stolen. Security Minister Trinidad Steinert described the alert as delicate and deferred the investigation to ANCI. The issue was resolved by closing accesses, though most circulating data stems from prior leaks.

Chile's National Cybersecurity Agency (ANCI) ruled out a recent cyberattack following reports of a suspected data leak at the General Treasury of the Republic (TGR). Authorities confirm services are operating normally and data was previously leaked. Lawmakers voiced concerns over structural cybersecurity shortcomings.

Сообщено ИИ

Health Minister May Chomali voiced concern over an Interior Subsecretariat indication requiring health centers to share data on irregular migrant patients. The government clarified that the measure respects patient rights and aims to support specific migration procedures.

DentaQuest has confirmed a cybersecurity incident involving unauthorized access to part of its network. Health data linked to 2.6 million accounts appeared on a public breach listing this week.

Сообщено ИИ

Chile's National Consumer Service has summoned Panini Chile S.A. following complaints about pre-sale delivery delays and poor customer service for the Mundial 2026 album. The action follows reports from buyers who did not receive orders on time.

Этот сайт использует куки

Мы используем куки для анализа, чтобы улучшить наш сайт. Прочитайте нашу политику конфиденциальности для дополнительной информации.
Отклонить