AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…
Category: Breach Incidents
No sign patient information leaked; Interdev platform for Canadian paramedic agencies taken offline
Brendan Burke of The Peterborough Examiner reports: There’s nothing to suggest patients’ confidential information has been compromised after a cybersecurity incident forced Peterborough County-City Paramedics’ data collecting software system to be shut down earlier this week, says Chief Randy Mellow. “There’s absolutely no evidence that this incident has caused any medical or personal information to…
Gateway Rehab issues notice about June ransomware incident
On July 8, DataBreaches reported that Gateway Rehab in Pennsylvania had apparently become the victim of a ransomware attack by Blackbyte. DataBreaches’s report included redacted screenshots of files sensitive protected health information that had been leaked on the threat actors’ leak site. Gateway had not responded to inquiries from this site nor posted any notice on…
Lake Charles Memorial Health System issues statement about cyberattack; Hive responds
LCMH never responded to DataBreaches’ emailed inquiries to them about a significant data security breach claimed by Hive, but after Hive started leaking their data and DataBreaches published a post about the attack and data leak, LCMH gave news outlet KPLC a statement. Their brief statement can be found in its entirety on KPLC. Of…
Alert (AA22-321A) #StopRansomware: Hive Ransomware
CISA has issued an alert about the Hive ransomware group. Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of…
Meta Fires Employees and Contractors for Improperly Accessing Users’ Accounts and Selling Them to Hackers
Daniel Kreps reports: Meta, the parent company of Facebook, has fired or disciplined dozens of employees and contractors — including Meta security guards — following an internal probe that revealed they were improperly accessing users’ accounts for reasons including bribery. The Wall Street Journal reports that, for years, the employees and contractors wrongly used Facebook’s internal mechanism for helping password-forgetting…