It appears that a third-party vendor has quietly paid ransom to unidentified threat actors. In a press release yesterday, Renaissance Life & Health Insurance Company of America says they were notified on June 1 by their vendor, Secure Administrative Solutions LLC (“SAS”), of a ransomware incident that involved unauthorized access to its systems occurred between…
Category: Breach Incidents
NC: Sandhills Center remains silent after threat actors claim to have hacked them and exfiltrated 634 GB of their files
Update of September 4: Sandhills subsequently issued a press release that indicates that they could not confirm that the data came from them. See the follow-up report here. Original post: Sandhills Center in North Carolina manages public mental health, intellectual/developmental disabilities and substance use disorder services for the citizens of Anson, Guilford, Harnett, Hoke, Lee,…
Calgary’s parking authority exposed drivers’ personal data and tickets
Zack Whittaker reports: If you parked your car in one of the thousands of parking spots across Calgary, there’s a good chance you paid the Calgary Parking Authority for the privilege. But soon you might be hearing from the authority after a recent security lapse exposed the personal information of vehicle owners. The exposed server…
WV: Prestera Mental Health Center reports an incident — but is it really a new one?
On July 20, Prestera Mental Health Center posted a notice about what they describe as a “recent” incident. Their notice, which has been picked up by other sites, states, in part: “What Happened? On or about April 1, 2021, Prestera Center discovered that information related to certain individuals was potentially accessible to an unknown actor…
Clubhouse denies data breach
Megha Gupta reports: On July 23, a hacker group claimed that they have got access to over 3.8 billion phone numbers from Clubhouse servers. The claim posted on a hackers’ forum alleging the leak states that the list of numbers contains cellphone, fixed, private, and professional numbers. The information about the claim was shared on…
MN: Five in trouble with the state for unauthorized access of driver’s information
Tim Harlow reports: The deputy registrar’s office in Fairfax, Minn., is closed and its two employees are off the job after they accessed drivers’ motor vehicle records without an authorized purpose, according to the state Department of Public Safety. In an unrelated case in North Mankato, three employees at a deputy registrar’s office were stripped…