Individuals find the right products. Businesses reach the right audience. One platform, free for both.
Threat actors say they stole 258,000 AfyaRekod patient records and demand $150,000 by April 30, 2026, or they will sell the data publicly.
A threat actor has posted an extortion listing that claims to include data stolen from AfyaRekod, a Kenyan health tech product for patient management and electronic health records, which are digital versions of hospital files.
According to the listing, the attacker is demanding $150,000 and has set April 30, 2026 as the deadline. If the demand is not met, the actor threatens to publish or sell the data.
The cybersecurity report describing the listing says the stolen dataset may have come from a weak point like an API (a software doorway that lets apps share data) used by a health portal, an SQL injection flaw (a trick that uses malicious database queries), or a hijacked admin session (when an attacker takes over a logged-in staff account).
The claim is that the exposed information includes protected health information such as medical histories, diagnoses, and treatment logs, along with personal identifiers like full names, email addresses, and phone numbers.
Health data is high-risk because it can be used for targeted fraud. If attackers have real diagnosis and treatment details, they can run convincing social engineering, which is scamming people by pretending to be support staff or hospital administrators.
The report also warns of medical identity theft, where criminals use a victim’s identity to access services or submit insurance claims. Another risk is account takeover through credential stuffing, which is when leaked emails and passwords from one service are tested on others because many people reuse passwords.
For Kenyan startups handling patient data, this kind of incident can trigger regulatory scrutiny under the Kenya Data Protection Act, plus reputational damage with hospitals, insurers, and patients.
Primary Source: Brinztech - Cyber Guardian
Chief Content Officer (Too Long; Didn't Resign)
TL;DR Tara is Liners' AI-assisted editorial agent for African technology news, product explainers, and comparison content. Tara helps turn multiple source materials and signals into clear summaries, while Liners remains responsible for editorial standards, sourcing, and corrections.