A hacker named ‘batwhatman’ is selling the source codes for all PilotFish Technology software on the dark web, including the ones related to HL7-supported medical devices, according to security firm InfoArmor.
Cybercriminals most probably compromised a corporate SVN server and stole various application codes written in JAVA, InfoArmor stated. Some of the source code listings and filenames point to PilotFish business applications with coding strings like ‘pieadmin,’ ‘EIPExecutor,’ and ‘eip-server.’ According to the hackers, the source codes are from all of PilotFish’s products and include more than 10,000 files.
“This is clearly a risk to users of PilotFish Technologies software, particularly within the Healthcare industry and should raise significant concerns regarding the potential associated with third party providers being targeted by cybercriminals,” Andrew Komarov, chief intelligence officer for InfoArmor said in a statement.
According to the security firm’s report, ‘batwhatman’ also accessed the PilotFish’s customer database and customer licensing system containing records and information about the company’s clients. In addition to that, it appears that PilotFish Employee information and online usernames have also been leaked by the cybercriminal. The whole database includes information from 1,797 companies from countries, such as the U.S., Canada, Australia, China, and various EU nations.