Samaya Dharmaraj reports: In an era where digital transformation shapes every aspect of governance, business, and daily life, safeguarding citizens’ personal data has become a top priority for India. Recognising the critical need for a secure andaccountable digital ecosystem, the government has taken significant steps to establish a robust framework for data protection and cyber resilience. At…
HHS’s public breach tool added a listing today that was submitted by the Khalil Foundation (DBA Khalil Center). The center describes itself as a psychological and spiritual community wellness center advancing the professional practice of psychology rooted in Islamic principles. They are covered by HIPAA. On December 22, they notified HHS that 1153 individuals had…
Eric Katz reports: Current federal employees, retirees and others impacted by widespread breach of personal data maintained by the Office of Personnel Management took advantage of only a small portion of the money made available in a settlement agreement following the 2015 hack. Plaintiffs in the class action lawsuit reached a settlement in 2022 with…
There are leaks and then there are leaks. Hundreds of thousands of people who shared houses via Roomster might want to say a mental “Thank you” to the researcher known as @JayeLTee, who discovered a long-standing data leak and took steps to get it secured. As JayeLTee relates, he first spotted the misconfigured server in…
The threat actor known as 0mid16B contacted DataBreaches this morning to alert this site to a breach involving a U.K. photo business, DEphoto (DEphoto[.]biz). DEphoto is an established business for school, sports, club, and event photography. According to 0mid16B, they attacked DEphoto on December 25, and acquired the personal information of 555,952 customers, 429,597 orders…
TechCrunch recently did its annual write-up of badly handled data security incidents. The following wasn’t in it but is one of the worst security and privacy failures that I’ve ever read, and that’s saying a lot. This case stems from a ransomware attack by Medusa Locker in October 2020 that is first being seriously addressed…