The Accellion breach also impacted Qualys; threat actors start dumping files
As I noted yesterday on Twitter, Qualys was added to threat actor CLOP’s leak site, raising the question as to whether the firm had been an Accellion client. They had. Qualys issued a statement later...
View ArticleCourt Upholds Insurers’ Denial of $6M Crime Claim for Phishing Loss
Andrew G. Simpson reports: Real estate software maker RealPage has been denied a $6 million computer crime insurance coverage claim because the stolen funds were not in its possession but were instead...
View ArticleData of 580,000 Singapore Airlines customers leaked in SITA security breach
Toh Ting Wei reports: About 580,000 Singapore Airlines (SIA) customers have been affected by a data leak at an external firm. SIA said in a statement yesterday that members of its KrisFlyer and PPS...
View ArticleSouthern Illinois University School of Medicine impacted by Accellion breach,...
It appears that SIU was impacted by the Accellion breach that has been in the news a lot this past month. SIU is the first entity, however, to disclose that the incident impacted protected health...
View ArticleSC: Sandhills Medical Foundation notifies patients of vendor breach
Updated 3/6/2021: Sandhills reported this incident to Maine as impacting 39,602 patients, total. Original Post: Sandhills Medical Foundation has posted a notice of a data security incident on their...
View ArticleMassive Supply-Chain Cyberattack Breaches Several Airlines
The SITA breach that also impacted 580,000 Singapore Airlines customers is getting more attention as more and more airlines issue statements to their customers. Now my friends are even sending me...
View ArticleCa: Personal data of 50,000 N.S. health-care workers may have been...
Reports concerning an incident involving Nova Scotia Health Employees’ Pension Plan (NSHEPP) in Canada are part of the Accellion breach that has been in the news since January. NSHEPP has posted a...
View ArticleJP: Consulting firm hit with ransomware; 350 households have info possibly...
Hokkaido Cultural Broadcasting reports that an unnamed consulting firm in Tokyo contracted by Asahikawa City as part of rebuilding a housing complex was compromised by ransomware, resulting in the...
View ArticleTrillium Community Health Plan members impacted by Accellion breach
DataBreaches.net has found a second HIPAA-covered entity that has revealed that it was affected by the Accellion attack by CLOP threat actors. On February 25, Trillium Community Health Plan in Oregon...
View ArticleData leak at Dutch foreign credential assessment service impacts 18,000
ANP reports (translation): Foreigners looking for a job in the Netherlands can obtain an assessment of their diploma on the labor market from the organization Nuffic. The application system used by...
View ArticleWalmart: Notice of Data Security Incident
On February 16, 2021, Walmart was informed by one of its suppliers that a data hosting service they used was compromised on January 20, 2021. An unauthorized party accessed the service and stole...
View ArticleAU: Victoria privacy breach of vulnerable youth data
Joseph Brookes reports: A youth case worker stood down from a Victorian health department service provider on suspicion of accessing child pornography continued to access sensitive information about...
View ArticleAR: Total Life Healthcare data breached in ‘ransomware attack’
Region 8 reports: Participants’ data of St. Bernards Total Life Healthcare, Inc. was breached by a ransomware attack, according to a media release from HIPAA Privacy Officer Daya S. Shipman. PeakTPA, a...
View ArticleArizona Complete Health notifies plan members of Accellion breach
On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to...
View ArticleMalaysia call centre worker jailed for retrieving Singtel customer details...
Lydia Lam reports: A team leader at a call centre in Malaysia handling technical support for Singtel customers helped an ex-colleague retrieve information from more than 1,000 business accounts...
View ArticleCa: Nunavut schools confirm school information system vendor suffered...
On March 3, this site noted that a security incident affecting Manitoba school districts sounded like a ransomware attack on Edsembli. Yesterday, Nunavut’s Department of Education confirmed it was a...
View ArticleTransport NSW documents posted on dark web after Accellion hack
Anton Nilsson reports that threat actors who have been dumping files from Accellion clients have started dumping files from Transport NSW: Massive amounts of sensitive NSW government documents have...
View ArticleVengeful IT Contractor Sentenced to Two Years for Deleting Carlsbad Company’s...
March 22 — Deepanshu Kher was sentenced today in federal court to two years in prison for accessing the server of a Carlsbad Company and deleting over 1,200 over the company’s 1,500 Microsoft User...
View ArticleThreat actors leak files with protected health information from U. Miami
In December and January, threat actors successfully exploited multiple vulnerabilities in an older file transfer system by Accellion. A number of Accellion’s clients subsequently found themselves on...
View ArticleSolairus Aviation Notice Regarding Avianis Data Security Incident
PETALUMA, Calif., March 23, 2021 /PRNewswire/ — Today, Solairus Aviation, a US-based aviation services company whose core business is assisting owners with the safe, reliable, and economical operation...
View Article