When the SunCrypt ransomware group opened a leak site where they listed victims who had not paid their ransom demands, they attracted public attention and demonstrated their ability to use the media to their advantage. BleepingComputer reported that SunCrypt operators had reached out to them to introduce themselves as part of the Maze cartel. Days…
Category: Breach Incidents
Houston-area health organization says patients targeted in phishing incident
Amanda Cochran reports: Legacy Community Health announced Tuesday that some of its patients were victims of an email phishing incident. The organization said it had mailed letters to affected patients. In a news release Legacy did not disclose how many people at its 15 Houston-area locations were affected by the phishing incident, Read more on…
Yevgeniy Nikulin sentenced to 88 months for hacks of LinkedIn, Dropbox, and Formspring
More than two years after he was extradited from the Czech Republic where he was arrested in 2016 for hacking LinkedIn, Dropbox, and Formspring, Russian national Yevgeniy Nikulin was sentenced today to 88 months by Judge William Alsup in federal court in northern California. Nikulin, also known as “Chinabig01,” “dex.007, ” “valeriy.krutov3, and “itBlackHat,” had…
Security lapse exposes hundreds of addresses of Minnesotans infected with COVID-19
Jay Kolls reports: In April, Gov. Tim Walz signed an executive order allowing the Minnesota Department of Health and the Minnesota Department of Public Safety to share addresses of COVID-19 patients with first responders across Minnesota. The governor imposed strict guidelines for sharing those addresses to protect the identity of Minnesotans with COVID-19. MDH and…
Ransomware Threat Actors Dump Data on Clark County School District Employees and Students
Tawnell D. Hobbs reports: A hacker published documents containing Social Security numbers, student grades and other private information stolen from a large public-school district in Las Vegas after officials refused a ransom demanded in return for unlocking district computer servers. The illegal release late last week of sensitive information from the Clark County School District…
Interim Report on Blackbaud Breach: 5.6 million patients and counting…
Since our first interim report, DataBreaches.net has continued to compile reports that mention patient information that was disclosed to Blackbaud and that may have been accessed or exfiltrated by ransomware threat actors in the data breach discovered in May. Despite the criminals pinky-swearing that they wouldn’t misuse the data and would destroy it all in…