The Pacific Pulmonary Medical Group (PPMG) in California has a significant data breach problem, but if you were to visit its website today, you’d have no clue that anything is amiss. On October 25, Everest Team added PPMG to its dark web leak site. The unencrypted personal and protected health information that they subsequently dumped…
Lucy Clarke-Billings reports: The Ministry of Justice has said it is aware of a data breach affecting prisons in England and Wales. Confidential prison layouts had been leaked onto the dark web in the past two weeks, according to The Times. A former prison governor told the paper organised crime groups could potentially use the information…
Bill Toulas reports: Russian state hackers APT28 (Fancy Bear/Forest Blizzard/Sofacy) breached a U.S. company through its enterprise WiFi network while being thousands of miles away, by leveraging a novel technique called “nearest neighbor attack.” The threat actor pivoted to the target after first compromising an organization in a nearby building within the WiFi range. The attack…
Clyde & Co write: The new Regulations on the Management of Network Data Security (《网络数据安全管理条例》) [1] (the “Regulations”) were issued by the State Council of the People’s Republic of China (“China”) on 24 September 2024 and will come into force on 1 January 2025. With a focus on network data [2], the Regulations supplemented and…
Reporting this via a Google translation of an article originally published in French. Valéry Rieß-Marchive reports: The brand provides its affiliates with Linux software allowing them to maintain complete control over the data stolen from their victims. The file is called “storage_linux_x64.” It is an executable for Linux. It is among the data of two…
In December 2023, DataBreaches added Rockford Gastroenterology Associates (“RGA”) to a list of possible ransomware victims after seeing a listing for them on the leak site for threat actors known as RA World. However, it wasn’t until September 2024 that RGA posted a notice on its website, and not until October that they notified HHS…