Department Answers Frequently Asked Questions, Provides Guidance, and Issues Limited Enforcement Policy for First 90 Days Today, the Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal…
Patient data leaked from cyberattack on Brunswick Medical Center
Leora Schertzer reports: A cyberattack on the Brunswick Medical Center has compromised personal information of patients and staff, the Pointe-Claire clinic announced on Friday. The attack targeted its IT system on March 24, the announcement said. “Despite our continued efforts, some patient health information as well as personal information about our employees and professionals was…
No need to hack when it’s leaking: SavantCare edition
Today’s concerning leak is brought to you by SavantCare. The leak was discovered by an independent researcher who first reported it on his blog yesterday. In his report, @JayeLTee states that he found exposed data that included data from SavantCare employee chats. “Over two-thirds of the 308 users on the chat were for SavantCare, a…
In Secret Meeting, China Acknowledged Role in U.S. Infrastructure Hacks
Dustin Volz reports: Chinese officials acknowledged in a secret December meeting that Beijing was behind a widespread series of alarming cyberattacks on U.S. infrastructure, according to people familiar with the matter, underscoring how hostilities between the two superpowers are continuing to escalate. The Chinese delegation linked years of intrusions into computer networks at U.S. ports,…
Preservation notice sent to Radford University in widening data leak case
Thomas Mundy reports: Attorneys have sent a preservation notice to Radford University leaders to preserve all relevant evidence regarding a possible data breach involving former students. Former Michigan assistant football coach Matt Weiss has been federally indicted after prosecutors accused him of hacking into private accounts of student-athletes to access potentially compromising images. “When it…
Physicians’ billing and revenue management firm hit by LockBit
DataBreaches should no longer be surprised to see threat actors claim to have hundreds of GB of files from medical entities, but it’s still concerning that entities can have so much data accessed and exfiltrated and yet not detect the attack. For today’s example, we point to Physicians Medical Billing, which was added to LockBit3.0’s…