Chris Pandolfo reports: The Swiss hacker known as “maia arson crimew” blogged Thursday that she discovered the Transportation Security Administration “no fly” list from 2019 and a trove of data belonging to CommuteAir on an unsecured Amazon Web Services cloud server used by the airline. The hacker told The Daily Dot the list appeared to have more…
Month: January 2023
Rundle Eye Care notifies patients of data breach
At some time before or in early October, the Everest Ransom Team hacked Rundle Eye Care in California. On January 11, Drs. Keith and Herman Rundle notified patients and the California Attorney General’s Office about the incident. In their notification, the doctors do not reveal precise dates of the attack or its discovery but claim…
BlackCat adds NextGen to its leak site, but …. where did it go?
On January 17, BlackCat (aka ALPHV) added NextGen to their leak site. On January 19, DataBreaches sent an email inquiry to NextGen asking when they were attacked, whether files had been encrypted, and whether any employee data or patient data had been accessed or exfiltrated. NextGen responded promptly and then sent the following statement: NextGen…
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Sergiu Gatlan reports: Los Angeles Unified School District (LAUSD), the second-largest school district in the United States, says the Vice Society ransomware gang has stolen files containing contractors’ personal information, including Social Security Numbers (SSNs). LAUSD also revealed that the threat actors were active in its network for over two months, between July 31, 2022,…
DCH Health System notifies 2,530 patients whose records were improperly accessed by an employee
DCH Health System in Alabama has disclosed an insider-wrongdoing incident. If there’s anything positive or good-newsy in their disclosure, it’s that the problem was detected by a routine audit within 4 days of the improper access, and that within days of further investigation, they uncovered a history of similar improper access by the same employee…
WA: Pierce County accidentally shared SSN info linked to hundreds of thousands of voters
Shea Johnson reports: Pierce County inadvertently shared the last four Social Security digits for more than 463,000 registered voters in response to a public records request, spokeswoman Libby Catalinich said Wednesday. The sensitive information was sent by mistake last month to one person who sought public voter registration records from the county, Catalinich told The…