Breach Incidents – Page 105

Bits ‘n Pieces (Trozos y Piezas)

Posted on March 10, 2023 by chum1ng0

CL: BlackCat confirms attack on Fonasa DataBreaches recently reported a malware attack on Chile’s National Health Fund (FONASA). There is an update to report: In a chat on Tox, BlackCat confirmed to DataBreaches that they are responsible for the attack and they say that they will announce it soon on their leaks page. A spokesperson…

PDPC penalizes Eatigo over data protection failures leading to 2020 breach

Posted on March 10, 2023 by Dissent

On October 31, 2020, Eatigo reported a data breach of customer data and that the data had been put up for sale on a popular forum. The Personal Data Protection Commission investigated and found that: the personal data for sale on the online forum did not match any current databases in use by the Organisation…

AT&T Notifying some wireless customers of vendor incident

Posted on March 9, 2023 by Dissent

AT&T has been notifying some wireless customers of an incident involving an unnamed vendor. In a notice sent to a customer who shared it with DataBreaches, AT&T wrote: AT&T’s commitment to customer privacy and data security is a top priority. We recently determined that an unauthorized person breached a vendor’s system and gained access to…

Northeast Surgical Group notifies 15,298 patients of a HIPAA breach, but doesn’t tell them their information has been dumped.

Posted on March 7, 2023 by Dissent

In January, the BianLian ransomware group added an unnamed medical group to their leak site. In February, they also posted a teaser on their BreachForums account. Although neither listing named the victim, DataBreaches was able to figure out that it was the Northeast Surgical Group (“NESG”) in Michigan. DataBreaches reached out to them multiple times,…

Council of Granada database was sold by hacker. Should anyone be concerned?

Posted on March 7, 2023September 17, 2024 by chum1ng0

The Council of Granada is a public entity providing direct services to citizens as well as technical, economic, and technological support to the city councils of the municipalities of the province of Granada, Spain. On December 29, 2022, the group known as “GhostSec” listed a Granada Council database at dipgra.es for sale, claiming they had…

Medusa claims responsibility for Minneapolis Public Schools’ “encryption event,” provides proof of how much data they accessed

Posted on March 7, 2023 by Dissent

There’s another update to the “encryption event” first disclosed by Minneapolis Public Schools (MPS) in February. As of their most recent last update, MPS had stated that they had been able to restore systems and no ransom had been paid. At that time, DataBreaches had not found any gang claiming responsibility for the breach or…