Razy malware has been around for a number of years now, and is still causing trouble. A Windows-based malware, one of the reasons that the malware has continued to be effective is that it can appear to be free software or a file on what would normally be a trusted site by the public, such…
Category: Breach Incidents
ClearBalance notifying more than 209,000 patients who have medical expense loans
Many readers may never have heard of CSI Financial Services, LLC but as ClearBalance, the California firm services loans made by hospitals and providers to patients who need to finance medical expenses. A recent filing with the Maine Attorney General’s Office reveals that beginning on March 8, there was unauthorized access to some employee email…
Millennia Group notifying people of 2019 email breach
Ohio-headquartered The Millennia Companies are involved in housing management. On some date that this site does not yet know, they learned that there had been unauthorized access to some employee email accounts between October 21, 2019 and December 18, 2019. “The Millennia Companies immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate…
Update on The Woodruff Institute ransomware incident
On June 20, DataBreaches.net reported that The Woodruff Institute in Florida had been attacked by “Grief” threat actors. At that time, the threat actors had dumped some files concerning business operations from the multi-location plastic surgery and dermatology practice, but other than about 50 laboratory test result reports for patients, there was not a tremendous number…
Forefront Dermatology notifying patients and employees about ransomware incident
Update November 17, 2022: Forefront has reportedly settled a class action lawsuit for $3.75 million. Update: July 12, 2021: Post-publication, DataBreaches.net learned that external counsel for Forefront Management, LLC and Forefront Dermatology, S.C. reported the incident to the Maine Attorney General’s Office as impacting 4,431 patients. On July 14, however, this incident was added to…
Morgan Stanley reports data breach after vendor Accellion hack
People are first finding out NOW? Look at this timeline, provided by Sergiu Gatlan in his reporting on BleepingComputer: Guidehouse notified Morgan Stanley in May 2021. Guidehouse had been breached in January through the Accellion vulnerability. Guidehouse discovered the breach in March and the impact to Morgan Stanley customers in May. Why didn’t Guidehouse discover the…