Redazione reports: A 44-year-old man, a Romanian citizen, was arrested in Milan on charges of being the main director behind a series of cyber attacks orchestrated by the ‘Diskstation’ gang. This is a criminal organisation specialised in ransomware, active mainly against companies, professionals and technical studies. The arrest, carried out by the Italian Postal Police, is the…
A year after cyber attack, Columbus could invest $23M in cybersecurity upgrades
There’s an update to the City of Columbus, Ohio cyberattack by Rhysida that affected 500,000 residents but also resulted in the city trying to muzzle a whistleblower who tried to inform the community of the true extent of the breach. Jordan Laird reports: Days before the one-year anniversary of the cyberattack that temporarily crippled Columbus’ computer…
Gravity Forms Breach Hits 1M WordPress Sites
Victoria Mossi reports: In a startling revelation for the WordPress community, a critical security breach has been uncovered in the widely used Gravity Forms plugin, signaling a sophisticated supply chain attack. According to a detailed report by Patchstack, malicious code was embedded in manual installers available directly from the official Gravity Forms website, affecting versions…
Stormous claims to have protected health info on 600,000 patients of North Country Healthcare. The data appear fake. (1)
North Country HealthCare is a federally qualified community health center that provides comprehensive medical services in 14 locations in 11 communities throughout Northern Arizona. Their services include family medicine, pediatrics, obstetrics and gynecology, dental care, behavioral health services, telemedicine, health screenings, and more. An April 2022 article about them reported that North Country served 55,000…
Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
Gavin Reinke, Ashley Miller and Amanda Wellen of Alston & Bird write: On June 27, 2025, the District Court for the Middle District of Florida, on remand from the Eleventh Circuit, reversed course when it denied class certification to a group of plaintiffs who were purportedly impacted by a spring 2018 cyberattack on Brinker International,…
Multiple lawsuits filed against Doyon Ltd over April 2024 data breach and late notification
KUAC reports: Multiple class action lawsuits recently filed in federal court claim an Interior Alaska Native Corporation failed to take reasonable steps to protect personal data from a cyberattack last year. Court filings show at least four different plaintiffs have lodged a complaint against Doyon, Ltd., in Alaska District Court since mid-June, on behalf of…