After multiple unsuccessful attempts to get a popular Japanese medical online consultation site to secure a misconfigured bucket, researchers at SafetyDetectives have decided to publicly disclose the leak. Doctors Me provides customers with on-demand access to professional medical advice. People can sign up for a monthly unlimited access plan (for less than $3.00 per month)…
Author: Dissent
Threat actors leak data from Scottish Association for Mental Health
It appears that RansomExx threat actors have hit the Scottish Association for Mental Health (SAMH). On March 18, SAMH posted a notice on its website. The full notice says it was dealing with an “I.T incident, which is affecting our colleagues’ ability to receive and respond to emails across both our national and local service…
WI: New development in Janesville school district ransomware incident
In October 2021, the School District of Janesville in Wisconsin disclosed that they had experienced a ransomware incident. At the time, they said that no data had been accessed or destroyed and that they had not received any ransom demand. In short order, their claims were challenged on a Russian-language forum where someone calling themself…
KOAM obtains document detailing cost of City of Joplin data breach
Chris Warner reports: In July of last year, the City of Joplin had what they called a “network security incident”. It ultimately shut down city phones, online services, and someone outside managed to take files out of the city’s network. That impacted employees, as some employer-sponsored health plan files were taken, and some residents were…
Ca: Dang claims he hacked Alberta vaccine passport system using Kenney’s birthday to highlight flaws
Ashley Joannou reports: Edmonton-South MLA Thomas Dang has admitted to hacking the Alberta government’s COVID-19 vaccine record system last year using Premier Jason Kenney’s birthday. In an exclusive interview with Postmedia, Dang, who resigned from the NDP caucus in December and now sits as an independent, said he did it to highlight security vulnerabilities and…
The Obsession with Faster Cybersecurity Incident Reporting
Tim Erlin writes: Requirements for reporting cybersecurity incidents to some regulatory or government authority are not new, but there has always been a large amount of inconsistency, globally, in exactly what the requirements are. More recently, there’s been a growing trend across government and regulatory bodies in the United States towards shorter timeframes for reporting…