UPDATE1: MobiKwik is denying any breach. DataBreaches.net just received a statement from them: “Some media-crazed so-called security researchers have repeatedly attempted to present concocted files wasting precious time of our organization as well as members of the media. We thoroughly investigated and did not find any security lapses. Our user and company data is completely…
Category: Breach Incidents
NY: Personal Touch Holding Corp. hit by ransomware attack at MSP, more than 750,000 affected
March 25, 2021 /PRNewswire/ — Today, Personal Touch Holding Corp. (PTHC) announced it is addressing a data breach it discovered on January 27, 2021. PTHC is the parent company of subsidiaries that operate Medicare-certified home health agencies, licensed home care service agencies, hospice at home services and Early Intervention Programs, as well as a managed care plan…
Guns.com Gets Hacked, Spilling Gun Owner Information All Over the Dark Web
Lucas Ropek reports: Watch out, firearm lovers. The subtly-named guns.com, a place where Americans can go to pick out whatever stylish boomstick they like and have it shipped straight to their neck of the woods, seems to have a pretty awful data breach on its hands. Back in January, a hacker temporarily disabled the company’s website,…
Engineer reports data leak to Apperta, hears from the police
Ax Sharma reports another troubling instance of “Shoot the Messenger:” threatening or blaming those who responsibly disclose leaks that they discover. This episode appears to be brought to us via Apperta Foundation. Earlier this month, Dyke had discovered an exposed GitHub repository exposing passwords, API keys, and sensitive financial records which belonged to Apperta Foundation….
NXIVM sex-cult leader Keith Raniere under fire after lawyers accidentally reveal victim names in court docs
Noah Goldberg reports: Convicted sex-cult guru Keith Raniere and his legal team are in hot water for accidentally revealing the names of victims of the NXIVM leader in court documents Tuesday. The feds responded quickly, asking Brooklyn Federal Court Judge Nicholas Garaufis to seal the documents, which he agreed to and which was done early…
Coveware censors post after ransomware actors use it for promotion
Sam Varghese reports: Incident response firm Coveware has deleted a small portion of an article it had posted online in 2019, after the actors behind the REvil ransomware group — also known as Sodinokibi — used it to promote the efficiency of their own decryptor over that of the one used by rival ransomware actor,…