Tage Kene-Okafor reports: Last month, Flutterwave, Africa’s largest startup by private valuation, was involved in a hack that resulted in over ₦2.9 billion (~$4.2 million) missing from its accounts, according to local tech publication Techpoint Africa. According to the documents seen by the publication and reviewed by TechCrunch, unknown actors transferred the funds across 28 accounts…
Category: Breach Incidents
The Chautauqua Center notifies patients of breach; changes EMR provider
The Chautauqua Center (TCC) in New York has disclosed a HIPAA breach by a business associate. The business associate’s error resulted in the protected health information of 747 physical and occupational therapy patients being made accessible to other covered entities. According to their notification letter to those affected, the breach occurred on December 22nd at…
Another ransomware-related lawsuit settles: Preferred Home Care
Top Class Actions reports there is a settlement involving Preferred Home Care in New York. The lawsuit alleged the provider failed to protect employee and patient data from an attack in January 2021. The data breach allegedly compromised the information of 92,283 patients and employees, including sensitive health information and personal identifiers such as Social…
Bits ‘n Pieces (Trozos y Piezas)
ES: Stormous claims attack on Zurcal The Zurcal group, which belongs to the energy saving and efficiency sector, has been named by Stormous Ransomware in its Telegram channel. The attack was posted on February 24 with images showing invoices and plans. Stormous gave the victim one week to respond. In a subsequent post, Stormous added…
Minneapolis Public Schools systems restored, no ransom paid
Jeremiah Jacobsen has an update to the “encryption event” previously disclosed by Minneapolis Public Schools (MPS). [Note: MPS’s phrase “encryption event” appeared to be a ridiculous — and dare we say, sleazy– attempt not to call it a “ransomware attack.” The district still has not described it as ransomware attack.] Minneapolis Public Schools released a…
Lubbock Heart and Surgical Hospital sued for breach where no one knows for sure whether data was accessed or acquired
If the victim of a cyberattack cannot determine whether data was accessed or acquired, should that increase the damages sought by plaintiffs in a class action suit? Or should it get the suit tossed out because the plaintiffs can’t prove any theft of their data? Kelly Mehorter reports about a class action lawsuit filed against…