A security breach of extreme severity has been detected, affecting VUMI Group (VIP Universal Medical Insurance), one of the leading international health insurance companies. The threat actor, ByteToBreach, has published technical evidence of a deep intrusion that compromises the personal and medical information of hundreds of thousands of individuals.
Affected Entity: VUMI Group (http://VumiGroup.com).
👤 Threat Actor: ByteToBreach
📊 Number of Victims: 300,000 policyholders and over 25,000 employees/agents.
📅 Date of Detection: April 13, 2026.
🛠️ Attack Vector: SQL Injection
📑 Exfiltrated Information (Extremely Sensitive):
Complete PII: Names, addresses, and contact details.
Official Documentation: Images of passports and W-9 tax forms.
Identity Data: Social Security Numbers (SSNs) for both clients and agents.
Agent Roster: Details regarding partners and internal staff.
Sources:
https://x.com/VECERTRadar/status/2043677207793443265
https://darkforums.su/Thread-DATABASE-USA-VUMI-Group-Insurance-Database
#CyberSecurity #VUMIGroup #DataBreach #InsuranceLeak #SSN #PassportLeak #ByteToBreach #VECERT #Cybersecurity #Hacking #InfoSec #SecureHealth #SQLInjection
Posted by Fit_Asidy