The timeline from their notification to consumers tells the sad story: Notice of Data Security Incident We are notifying you of a recent data security incident involving your personal information. This notice explains the incident, steps Xfinity has taken to address it, and guidance on what you can do to protect your personal information. What…
Category: Breach Incidents
Four Held in ICMR Data Leak Case
Ishaan Negi reports: It has emerged that the Indian Council of Medical Research’s (ICMR) data bank contained over 81 crore Indians’ personal information, a startling discovery that shocked the whole country. The breach, which was uncovered by central intelligence agencies two months ago, presents grave questions regarding the protection of private data and the possible…
If at first you don’t succeed, screw it up again?
In mid-November, DataBreaches reported that AlphV threat actors had added MeridianLink to their leak site. When their victim wouldn’t pay them, AlphV (aka “BlackCat”) filed a complaint with the Securities & Exchange Commission alleging that MeridianLink failed to comply with the SEC’s new cybersecurity rule requiring notification within four days of discovering a material breach….
Troubling attacks on medical sector continue: cancer center’s data leaked, specialty infusion pharmacies locked?
Attacks on the medical sector continue. Fred Hutchinson Cancer Center This week, the group known as Hunters International claimed responsibility for an attack on the Fred Hutchinson Cancer Center in Washington. Yesterday, they dumped data from an attack that allegedly included the exfiltration of 533.1 GB of files. Inspection of the tranche suggests that the…
Update: Fred Hutch Cancer Center attack claimed by Hunters International
On December 8, DataBreaches reported that Fred Hutchinson Cancer Center had been the victim of a ransomware attack and that the then-unnamed threat actors were trying to extort patients directly. Today we learned that the threat actors are Hunters International, who listed the incident on their leak site. As of publication, they have not leaked…
Neurology Center of Nevada allegedly attacked by Qlin
Cardiovascular Consultants in Arizona is not the only U.S. medical entity the ransomware gang known as Qlin has hit. On December 4, Qlin added the Neurology Center of Nevada (NCN) to their leak site. They also provided screenshots as proof of claims. Some of those screenshots revealed personal or protected health information. In addition to…