I do not recall ever seeing Horizon House in Philadelphia listed on any dedicated leak site used by ransomware groups, but according to a press release issued last week, Horizon House experienced a ransomware attack in March 2 and March 5 of this year that encrypted their files and allowed the unknown threat actor to…
Category: Breach Incidents
Two more ransomware attacks on medical entities impact 56,000 patients in Florida and Texas
DataBreaches.net notes two more ransomware attacks on U.S. medical entities. Neither of the incidents below, which impact approximately 56,000 patients in Florida and Texas, have appeared on any dedicated leak site affiliated with ransomware groups or markets – at least not as of the time of this publication. And neither incident has as yet shown…
Exposed Payment Integration API Keys Imperil Millions of Users’ Transaction Details and PII
Arshit Jain and Sai Ahladini Tripathy report some findings concerning the risk of unauthorized access to API keys enabling acquisition of sensitive or critical data. A recent investigation by CloudSEK found that a range of companies have mobile apps with API keys that are hardcoded in the app packages. “These keys could be easily discovered…
Northern Light Health reports data breach linked to Blackbaud incident
We are still first learning about Blackbaud clients impacted by their ransomware attack more than one year ago. We knew about some of the following, but not all. WGME reports: A Maine hospital says some patient information may have been stolen by hackers. Northern Light Health says information from its fundraising arm was also exposed….
Fitness Tracker Data Exposed 61 Million Records and User Data Online
Jeremiah Fowler writes: On June 30th, 2021 the WebsitePlanet research team in cooperation with Security Researcher Jeremiah Fowler discovered a non-password protected database that contained over 61 million records belonging to users around the world. The massive amount of exposed records were related to IOT health and fitness tracking devices. Upon further investigation there were multiple references…
UAE: Moorfields Eye Hospital in Dubai sees more staff and patient data dumped
In August, threat actors calling themselves AvosLocker announced that they had attacked Moorfields NHS UK & Dubai. DataBreaches.net’s investigation at that point indicated that the data they provided as proof came from the Dubai hospital and did not involve any UK personnel or patients. In a statement to this site, Moorfields confirmed that there had…