When COVID-19 travel restrictions eased as countries tried to re-open borders to travelers, researchers at Gemini Advisory observed that the sale of travel services — both legal and illegal — started to increase, opening up more opportunities for cybercriminals to monetize stolen payment card data. For those not really knowledgeable about travel services fraud, Gemini…
Category: Breach Incidents
Massive Nitro data breach impacts Microsoft, Google, Apple, more
Lawrence Abrams reports: A massive data breach suffered by the Nitro PDF service impacts many well-known organizations, including Google, Apple, Microsoft, Chase, and Citibank. Claimed to be used by over 10 thousand business customers and 1.8 million licensed users, Nitro is an application used to create, edit, and sign PDFs and digital documents. As part…
Mount Diablo Unified District responds to SchoolMessenger leak
On September 21, the Mount Diablo Unified District notified parents of a breach involving the SchoolMessenger app by Intrado. Their letter explains that on September 14, 2020, the district was informed that “when certain parents were using the SchoolMessenger mobile application, they were able to view a list of roughly thirty (30) unique names, emails,…
A nightmare breach involving psychotherapy records just got worse
There’s an update to previous post about a ransom situation in Finland impacting 40,000 psychotherapy patients at Vastaamo. As initially reported by Vastaamo, a psychotherapy practice with multiple offices and locations, they had been hacked and the hacker had acquired records of patients who had registered before the end of November 2018. Other sources reported…
Centerstone patients, employees impacted by data breach
Joseph Wenzel reports that Centerstone, a provider of substance abuse and mental health services, is notifying employees and patients of a breach: The investigation into the “IT security incident” started after an employee for Centerstone of Tennessee, Inc. noticed “unusual activity” involving their email account. Centerstone said an independent computer forensics firm found certain current…
Insider Threat: Vengeful Former Century 21 Employee Charged with Alleged Computer Tampering
October 21 – Manhattan District Attorney Cy Vance, Jr., today announced the indictment of HECTOR NAVARRO, 30, a former Human Resources systems administrator at Century 21’s Manhattan department store, for breaching the company’s network to steal and alter data. NAVARRO is charged in a New York Supreme Court indictment with Attempted Grand Larceny in the…