Alaska Corrections contractor denies ACLU claim of ‘massive’ prisoner health...
Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of...
View ArticleADT Says Outside Party Obtained Employee Data in Cybersecurity Incident
Connor Hart reports: ADT is working with third-party cybersecurity experts and federal law enforcement to address an incident in which an outside party had illegally accessed its network, obtaining...
View ArticleRevenue Cycle Vendor Notifying 400,000 Patients of Hack
Marianne Kolbasuk McGee reports: A Texas-based healthcare revenue cycle management firm is notifying nearly 400,000 individuals of a hacking incident that it says originated with another third party....
View ArticleVirginia Contractor Settles False Claims Act Liability for Failing to Secure...
Here’s today’s reminder that it’s not just HHS OCR that entities need to be concerned about in terms of enforcement of data security requirements for health data. ASRC Federal Data Solutions LLC...
View ArticleArmy to defend small businesses against hackers with NCODE secure cloud...
Sydney J. Freedberg Jr. reports: AUSA 2024 — Army undersecretary Gabe Camarillo announced here Tuesday that the service would create a secure online enclave where small businesses can work with...
View ArticleESET partner breached to send data wipers to Israeli orgs
Lawrence Abrams reports: Hackers breached ESET’s exclusive partner in Israel to send phishing emails to Israeli businesses that pushed data wipers disguised as antivirus software for destructive...
View ArticleAmazon confirms employee data breach after vendor hack
Sergiu Gatlan reports: Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor...
View ArticleCyberattack at French hospital exposes health data of 750,000 patients
Bill Toulas reports: A data breach at an unnamed French hospital exposed the medical records of 750,000 patients after a threat actor gained access to its electronic patient record system. A threat...
View ArticleStarbucks Shifts to Manual Processes After Contractor Ransomware Attack
Waqas reports: As the holiday season kicks off, a ransomware attack on Blue Yonder, the world’s leading supply chain management software provider, has disrupted operations for Starbucks and other...
View ArticleFailure to terminate access can be costly. Very costly.
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without...
View ArticleDeveloping: Blue Yonder ransomware attack claimed by Termite
Termite threat actor(s) have now claimed responsibility for the Blue Yonder ransomware attack that has caused widespread impact. They provide no proof as yet, but a note posted on their dark web leak...
View ArticleHackers are exploiting a flaw in popular file-transfer tools to launch mass...
Carly Page reports: Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks. The vulnerability,...
View ArticleHong Kong Privacy Commissioner’s Office Publishes Investigation Findings on...
December 9 enforcement action by the Privacy Commission of Hong Kong: Data Breach Incident of the Electrical and Mechanical Services Department (EMSD) The investigation arose from a data breach...
View ArticleSecurities and Exchange Commission Settles Charges Against Flagstar for...
ADMINISTRATIVE PROCEEDING File No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial,...
View ArticleConnectOnCall breach exposes health data of over 910,000 patients
Sergiu Gatlan reports: Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary...
View ArticleMore details emerge about RIBridges data breach; Deloitte tells state threat...
Threat actors’ leak site unreachable due to DoS attack; DataBreaches given exclusive preview of leak Marc Fortier reports: The hackers behind a major cyberattack that hit the State of Rhode Island’s...
View ArticleU.S. Army Soldier Arrested in AT&T, Verizon Extortions
Brian Krebs reports: Federal authorities have arrested and indicted a 20-year-old U.S. Army soldier on suspicion of being Kiberphant0m, a cybercriminal who has been selling and leaking sensitive...
View ArticleRIBridges has many lines of defense. How was the system breached?
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. It was updated to replace several paragraphs in...
View ArticleDOJ confirms arrested US Army soldier is linked to AT&T and Verizon hacks
Zack Whittaker reports: U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to a massive theft of U.S. phone records from AT&T and Verizon last year....
View ArticleToronto student information dating back to 1985 may have been accessed in...
Meredith Bond reports: Student information for those who attended Toronto District School Board as far back as 1985 may have been compromised by a cyber incident that happened in December 2024. On Jan....
View Article