New York State Senator Monica R. Martinez writes: The frequency and sophistication of cybersecurity attacks on state and local governments across the United States are on the rise, but now New York state has enacted legislation to ensure public entities’ responses to these incidents won’t glitch. Earlier this summer, Gov. Kathy Hochul signed S.7672A/A.6769A, sponsored by state…
Author: Dissent
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest? (1)
When DataBreaches was a kid, the “new math” they were experimenting with had us learning binary and other systems. It didn’t go over well with us, our teachers, or our parents back then. Now the “new math” for me is UNCs — specifically 6040, 5537, 3944, and 6240. 6040+5537+3944 +6240 = Scattered Spider + ShinyHunters…
Why we shouldn’t just repeat ransomware groups’ claims, Sunday edition
Some data leaks are not what you might expect from their listing on a dark web leak site. Today’s example is courtesy of a ransomware group that listed a medical practice on its leak site and then published the data. Because it was a medical practice, DataBreaches started to inspect the data tranche. To my…
Aftermath: More than 99% of providers opted to have Change Healthcare notify patients of its massive data breach
The Change Healthcare data breach affecting more than 190 million patients, stands as the largest single breach ever affecting patients. Threat actors known as BlackCat (aka AlphV) had reportedly used a set of stolen credentials to remotely access the company’s systems that weren’t protected by multifactor authentication. Confronted with a massive breach, UnitedHealth decided to…
Qilin Ransomware Affiliate Panel Login Credentials Exposed Online
Kaaviya reports: A significant security breach within the Qilin ransomware operation has provided unprecedented insight into the group’s affiliate network structure and operational methods. On July 31, 2025, internal conflicts between the ransomware group and one of its affiliates led to the public exposure of sensitive operational details, marking a rare glimpse into the inner…
HCA Healthcare settled two lawsuits this week; one was over its 2023 data breach
Steve Alder reports: HCA Healthcare Inc. has agreed to settle class action litigation stemming from a July 2023 data breach that was reported to the HHS’ Office for Civil Rights as affecting 11,270,000 patients. The affected individuals had received healthcare services at HCA hospitals and doctors’ offices in 20 U.S. states. HCA Healthcare was targeted by hackers…