Cyberattack on medical software also affects Santa Fe
Over 600,000 medical records leaked and new victims in the country’s largest healthcare data breach.
What began as an isolated case in private clinics in Córdoba has now been confirmed as a massive and expanding cyberattack that is also affecting medical institutions in the province of Santa Fe. The vulnerability remains the same: the medical software provider Informe Médico, compromised in a sophisticated supply chain attack that has put dozens of healthcare centers across the country at risk.
According to recent reports, over 665,000 medical records have been leaked, this time linked to clinics and hospitals in Santa Fe. This dramatically increases the number of victims and makes this breach the largest healthcare data leak in Argentine history.
The same provider, a new wave of victims
The pattern repeats itself: the attackers did not target clinics or hospitals directly, but instead compromised the system they use to process, store, and share clinical studies. From lab reports to radiological images, the stolen information is now circulating on underground forums on the dark web.
Santa Fe in the crosshairs
The impact on the province of Santa Fe is significant. Clinics that had until now trusted a system that seemed secure are now vulnerable, with their patients’ information exposed. Cybersecurity expert Rodrigo Álvarez, speaking to local media, warned that the data is already up for sale and that the current threat lies in identity theft and highly targeted phishing attacks.
“The attackers pose as the affected clinics. They use the logo, the name of a medical test, or a matching date. They call via WhatsApp or send messages to deceive the patient. That’s the new front of attack,” Álvarez warned.
What was leaked in this second wave?
- Medical studies (CT scans, ultrasounds, lab tests)
- Personal information of patients and healthcare professionals
- Medical records with diagnoses, dates, names, and treatments
Consequences and concerns
Although this is not a typical ransomware attack, the data extortion method proves to be even more dangerous. No systems were encrypted — information was stolen directly and is being sold for cryptocurrency, beyond the reach of traceability.
This new chapter of the attack reveals a structural weakness affecting the entire digital healthcare system in Argentina.
And it brings back the same unsettling question we asked just days ago:
Are we prepared to face a threat of this magnitude?
