{
	"id": "419fbbe8-3bdc-42e4-9c82-38e4e4ce4e47",
	"created_at": "2026-04-11T02:22:33.938623Z",
	"updated_at": "2026-04-11T02:24:15.488374Z",
	"deleted_at": null,
	"sha1_hash": "9a415a67984b4776e7f3340bf27fa9f56f7412cf",
	"title": "Update: Daixin leaks more data from Bluewater Health and other hospitals; databases yet to be leaked - DataBreaches.Net",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 34308,
	"plain_text": "Update: Daixin leaks more data from Bluewater Health and other\r\nhospitals; databases yet to be leaked - DataBreaches.Net\r\nPublished: 2023-11-03 · Archived: 2026-04-11 02:06:27 UTC\r\nAs some will likely have already noticed, Daixin Team released the second part of the data leak from five\r\nhospitals in Ontario that have IT services provided by TransForm SSO. The first leak, containing many patient\r\nrecords, was previously reported by DataBreaches on November 1.\r\nSkimming the second tranche,  DataBreaches noted a lot of internal hospital files such as forms and administrative\r\nmatters. There were some files with employee information, and in that regard, DataBreaches was pleased to\r\nobserve that some files that likely had sensitive employee-related information like disciplinary matters were\r\npassword-protected.\r\nDataBreaches also noted that this tranche also contained patient data, but not the kinds of scanned files as in the\r\nfirst tranche. This tranche included records concerning COVID-19 vaccinations with patients’ names, dates, and in\r\nsome cases, a bit of their reactions or history to vaccinations.  Other patient-related files that DataBreaches noted\r\ninvolved named patients’ medications and suggestions for medications. Those files, in the form of worksheets and\r\nsuggestion documents included the patients’ names, diagnoses, dates, names and doses of medications, and\r\ncomments related to the medication regimen for the patient.\r\nDataBreaches did not go through all the files so there may be other files with patient information or employee\r\ninformation in addition to what is described above.\r\nAccording to Daixin’s listing for this incident, there are more data to be leaked. Unlike some ransomware groups\r\nthat threaten to leak immediately and then do not,  Daixin Team has been extremely consistent — once they start\r\nto leak — and they start to leak as soon as a deadline passes —  they don’t wait a long time between the leaks.\r\nBased on their pattern, DataBreaches expects to see the third leak and then the databases dump within days.  As\r\nthey say, the full leak will be soon.\r\nBut that said, DataBreaches notes that the “full leak” may not actually include all of the data they acquired.\r\nAccording to statements made to DataBreaches today by their spokesperson, they have been considering different\r\nstrategies for dealing with victims who do not pay, and they may be selling some of the data rather than leaking it.\r\nWhen asked whether they would sell the data on a forum or market, they indicated that it would be a bulk sale to\r\ndata brokers who can resell it to scammers and other groups.\r\n“Where the data will be sold to, I don’t know,” they told DataBreaches. “Brokers will receive it directly from us,\r\nand then it is no longer our concern.”\r\nWhether Daixin will actually follow through on this is unknown to DataBreaches, and from their description,\r\nDataBreaches would likely have no way to verify any such sale unless someone later provided this site with data\r\nor proof of sale.\r\nhttps://www.databreaches.net/update-daixin-leaks-more-data-from-bluewater-health-and-other-hospitals-databases-yet-to-be-leaked/\r\nPage 1 of 2\n\nWould Daixin just say that to try to pressure victims into paying? Perhaps, but that ship has already sailed for\r\nTransForm and these hospitals. Perhaps it’s being said now for the benefit of future victims to consider.\r\nDataBreaches really doesn’t know, but will continue to monitor this situation.\r\nSource: https://www.databreaches.net/update-daixin-leaks-more-data-from-bluewater-health-and-other-hospitals-databases-yet-to-be-leaked/\r\nhttps://www.databreaches.net/update-daixin-leaks-more-data-from-bluewater-health-and-other-hospitals-databases-yet-to-be-leaked/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MISPGALAXY"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.databreaches.net/update-daixin-leaks-more-data-from-bluewater-health-and-other-hospitals-databases-yet-to-be-leaked/"
	],
	"report_names": [
		"update-daixin-leaks-more-data-from-bluewater-health-and-other-hospitals-databases-yet-to-be-leaked"
	],
	"threat_actors": [],
	"ts_created_at": 1775874153,
	"ts_updated_at": 1775874255,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/9a415a67984b4776e7f3340bf27fa9f56f7412cf.pdf",
		"text": "https://archive.orkl.eu/9a415a67984b4776e7f3340bf27fa9f56f7412cf.txt",
		"img": "https://archive.orkl.eu/9a415a67984b4776e7f3340bf27fa9f56f7412cf.jpg"
	}
}