On March 16, 2024, National Diagnostic Imaging (NDI) experienced a network disruption. Their investigation subsequently revealed that they had been the victim of unauthorized access between February 19, 2024, and March 27, 2024. According to a letter from one of their clients, they notified Birth Choice of San Marcos on August 19 of the scope…
TV Globo reports (machine translation) that a 33-year-old Brazilian hacker suspected of invading the systems of the Brazilian federal police and other international institutions has been arrested. The hacker, known as “USDoD” was arrested this morning in Belo Horizonte (MG), less than two months after he was doxed by Crowdstrike. The public doxing of him…
While it’s never good news that another medical entity has fallen prey to a cyberattack, in this day and age, it is somewhat impressive when an entity responds promptly. On October 4, Boston Children’s Health Physicians (BCHP), a medical practice in New York and Connecticut, mailed letters to affected current and former employee, patient, and…
Update of October 24 — We have made excellent progress, I think, but are still investigating some things that were broken. If you spot or experience any problems, please let me know via email to fixitfolks@databreaches[.]net.
The following enforcement action was related to FTC action, also announced today, but is a separate settlement with states. The following press release is from Connecticut’s Attorney General: (Hartford, CT) – Attorney General Tong announced today that a coalition of 50 attorneys general, co-led by Connecticut, has reached a settlement with Marriott International, Inc. as…
From the Federal Trade Commission: The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344…