On April 4, SEIU 775 Benefits Group in Washington experienced abnormal activity in their system and started investigating. Their investigation revealed that an unauthorized individual had gained access to their systems and had deleted some files with personal and protected health information in the process. There was no evidence, however, that the unauthorized individual had…
Category: Breach Incidents
Medtronic plc notifies patients after employee’s devices accessed by unauthorized person
It hasn’t been in the headlines — at least not yet — but Medtronic, a well-known medical device company, is notifying some customers after an incident one employee’s devices may have compromised personal or patient information. According to a notification letter, on March 12, an employee’s computer, phone, and iPad were “taken and accessed for…
AU: Avaddon threat attackers demand ransom from NSW Labor
NSW Labor is Australia’s Labor Party (New South Wales Branch). Now Avaddon threat actors claim that they have hacked them and stolen data. NSW Labor, the company does not want to cooperate with us, so we give them 240 hours to communicate and cooperate with us. If this does not happen before the time counter…
Orthopedic Associates of Dutchess County notifies more than 330,000 patients of breach
On March 5, Orthopedic Associates of Dutchess County in New York (“OADC”) became aware of suspicious activity involving its systems. Their investigation determined that an unauthorized actor gained access to certain OADC systems on or about March 1, 2021, encrypted files, and then claimed to have removed and/or viewed certain files. According to the notification…
Ca: Boutin transport company victim of a cyber attack
Groupe Boutin Inc. is a firm in Quebec providing logistics, transportation, and warehousing services, as well as private fleets. Sam Harper reports that the firm called in a security specialist after detecting a problem and receiving a ransom demand. According to the company’s statement (translation): The customer and employee portals, accessible from their website, are…
SmileDirectClub reveals cybersecurity incident that could cost millions
Joel Stinnett reports: SmileDirectClub was the victim of a cybersecurity threat last month that could cost the teledentistry firm as much as $15 million, the company announced in a filing made Monday with the U.S. Securities and Exchange Commission. The incident, which occurred April 14, caused a systems outage at the Nashville-based company but was…