Security News > 2021 > October > Hackers arrested for ‘infiltrating’ Ukraine’s health database
The Security Service of Ukraine has arrested a team of actors who illegally infiltrated the information system of the National Health Service of Ukraine and entered false vaccination entries for other people.
The actors found clients in the Sumy region through a team of doctors who participated in the scheme and offered to create false COVID-19 vaccination certificates for anyone who paid them 3,000 hryvnias.
It is unclear if the actors were skilled hackers or healthcare insiders who used their work credentials to access the NHSU database.
"The attackers illegally"infiltrated" the information system of the National Health Service of Ukraine, which allowed them to enter false information into the mobile application "Action" about the "vaccination" of residents of the region," says the SSU's statement.
The government in Ukraine recently launched a central information app called "Action," where citizens can store vaccination certificates and other essential documents.
While the fake "Action" doesn't change the NHSU database and will not pass QR code scan checks, it's perfect for "Glance" checks when entering a public space.
News URL
Related news
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Russia-linked hackers target webmail servers in Ukraine-related espionage operation (source)
- Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics (source)
- Russian hackers breach orgs to track aid routes to Ukraine (source)