Unauthorized access to a New Jersey Health Information Management (HIM) vendor’s portal has resulted in some patients’ protected health information being acquired and exfiltrated. Earlier today, DataBreaches was contacted by someone known to this site as “DarkFox.” DataBreaches has reported on DarkFox in the past without identifying them, but is identifying them this time by…
Category: Breach Incidents
Ransomware LockBit: a hundred victims per month in the first half
Valéry Rieß-Marchive reports: In the first half of the year, more than 420 victims were claimed on the showcase site of the LockBit 2.0 franchise. This figure is lower than the reality. But to what extent? The examination of clues present in the source code of the showcase site sheds new light… on the level of…
When the data leak is not from the victim you named, Wednesday edition
Ever since threat actor groups started naming and leaking victims who do not pay their demands, groups have occasionally misidentified their victims. Today’s example is courtesy of Avos Locker, who added the Canadian Mental Health Association to their leak site in April. Inspection of the data in the leak, however, quickly raised questions as to…
“You really don’t understand the situation…. Google about our team,” Hive tells victim
SuperAlloy Industrial Company Ltd. (SAI) is an international company specializing in engineering and manufacturing lightweight metal products predominantly for the automotive industry. You may not recognize their name but might be driving around on their wheels, as SAI has produced lightweight forged aluminum wheels for McLaren, Ferrari, AMG, BMW, Jaguar, Daimler, and other manufacturers. SAI…
Hackers claim to hit Israeli tourism sites
Tzvi Joffre reports: A hacker group called Sharp Boys claimed that it had obtained data from Israeli tourism sites on Tuesday, including ID numbers, addresses, credit card information and more. Which sites were affected? The affected sites, according to the hackers, are hotels.co.il, isrotel.com, minihotel.co.il, tivago.co.il and danhotels.com. Read more at Jerusalem Post.
GAO: HHS Needs Improved Data Breach Reporting
Frank Konkel reports: The Government Accountability Office is recommending the Department of Health and Human Services establish a feedback mechanism to improve the effectiveness of its data breach reporting process. The singular recommendation, issued in a June 27 audit, follows a significant increase in the number of data breaches involving unsecured protected health information at HHS….