TV Globo reports (machine translation) that a 33-year-old Brazilian hacker suspected of invading the systems of the Brazilian federal police and other international institutions has been arrested. The hacker, known as “USDoD” was arrested this morning in Belo Horizonte (MG), less than two months after he was doxed by Crowdstrike. The public doxing of him…
Category: Breach Incidents
Boston Children’s Health Physicians notifies employees and patients of September cyberattack
While it’s never good news that another medical entity has fallen prey to a cyberattack, in this day and age, it is somewhat impressive when an entity responds promptly. On October 4, Boston Children’s Health Physicians (BCHP), a medical practice in New York and Connecticut, mailed letters to affected current and former employee, patient, and…
System Notice
Update of October 24 — We have made excellent progress, I think, but are still investigating some things that were broken. If you spot or experience any problems, please let me know via email to fixitfolks@databreaches[.]net.
Attorney General Tong Co-Leads $52 Million Multistate Settlement with Marriott for Data Breach of Starwood Guest Reservation Database
The following enforcement action was related to FTC action, also announced today, but is a separate settlement with states. The following press release is from Connecticut’s Attorney General: (Hartford, CT) – Attorney General Tong announced today that a coalition of 50 attorneys general, co-led by Connecticut, has reached a settlement with Marriott International, Inc. as…
FTC Takes Action Against Marriott and Starwood Over Multiple Data Breaches
From the Federal Trade Commission: The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344…
HHS Office for Civil Rights Imposes a $240,000 Civil Monetary Penalty Against Providence Medical Institute in HIPAA Ransomware Cybersecurity Investigation
In April 20218, DataBreaches reported a ransomware incident in February 2018 that had affected 81,550 patients of the Center for Orthopaedic Specialists (COS) – Providence Medical Institute (PMI) in California. The entity’s notification at the time indicated that patients’ names, dates of birth, details about medical records, and Social Security numbers had been involved in the…