Zack Whittaker reports: The private phone data of hundreds of thousands of people are at risk. Call records, text messages, photos, browsing history, precise geolocations and call recordings can all be pulled from a person’s phone because of a security issue in widely used consumer-grade spyware. But that’s about as much as we can tell you….
Category: Breach Incidents
Student and personnel files from Manhasset Union Free School District appear on the dark web (UPDATED)
On October 7, the Manhasset Union Free School District revealed that it may have been the victim of a ransomware attack. There can no longer be any doubt that they were attacked. Over the weekend, Vice Society threat actors dumped the district’s data on their dark web leak site. Inspection of some of the files…
REvil ransomware shuts down again after Tor sites were hijacked
Lawrence Abrams reports: The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. The Tor sites went offline earlier today, with a threat actor affiliated with the REvil operation posting to the XSS hacking forum that someone hijacked the gang’s domains. Read…
“Shoot the Messenger,” Friday edition: Homewood Health resorts to threats and a court order?
In July of this year, CTV News in Canada and DataBreaches.net reported on a breach involving Homewood Health in Canada. Both CTV and this site had become aware of the breach when data allegedly from Homewood showed up on a leak site called Marketo. Marketo claimed to have almost 300 GB of Homewood’s data for…
Recent decisions by the Singapore Data Protection
Two recent decisions by the Singapore PDPC. Breach of the Protection Obligation by ChampionTutor 14 Oct 2021 A financial penalty of $10,000 was imposed on ChampionTutor for failing to put in place reasonable security arrangements to protect personal data in its possession. The incident resulted in the personal data being exposed. The PDPC became aware…
JDC Healthcare discloses ransomware incident; still figuring out who needs to be notified
DALLAS, Oct. 7, 2021 /PRNewswire/ — JDC Healthcare Management LLC (“JDC”) is notifying individuals of an event that may affect the security of some personal information. While, to date, JDC has no evidence that information has been or will be misused, JDC is providing information about the event, JDC’s response to it, and resources available to help…