Jeremiah Fowler reports: The publicly exposed database contained 2,363,222 documents in.PDF and.PNG formats with a total size of 92.3 GB. These included reservations, injury waivers, and receipts with partial credit card numbers and transaction details. Additionally, there were digital gift cards with no expiration date, source images for websites and templates. I immediately sent a…
Author: Dissent
Interior Health warns employees may be victims of privacy breach
Here’s one I missed while dealing with the DDoS, but let’s get caught up. The Canadian Press reported: An RCMP investigation has revealed a possible privacy breach for thousands of employees who worked or work at the health authority in British Columbia’s Interior. Interior Health says police contacted them in January about finding a document that…
Indiana Attorney General Files Suit Against Apria Healthcare
Attorney General Todd Rokita is filing a lawsuit on behalf of the people of Indiana against Apria Healthcare LLC for a massive data breach that impacted at least 42,000 Hoosiers and 1.8 million people nationwide. Apria is a provider of home healthcare equipment and related services across the United States. Apria provides medical equipment to over…
System Status Note
Yesterday, DataBreaches.net was hit with a massive DDoS attack that also affected PogoWasRight.org. DataBreaches.net is now back online: all the posts are back up, and media files are in the process of being reuploaded. PogoWasRight will be back online by the end of tomorrow. Thank you to everyone who reached out to me because they…
Banning Ransom Payments: Calls Grow to ‘Figure Out’ Approach
Mathew J. Schwartz reports: How might banning ransomware victims from paying a ransom to their attacker work in practice? As ransomware groups are causing massive damage and disruption and showing no signs of stopping, Ciaran Martin, the former head of Britain’s National Cyber Security Center, said “it’s time to figure out how to make a ransomware payments…
Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard
From a new blog post by Microsoft: In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access. This has included access to some of the company’s source code repositories and internal systems. To date we have found…