On September 20, this site noted a breach impacting some residents of Pell City, Alabama. At that time, there were many unanswered questions based on the little the city had disclosed. Now they have published a press release that reveals that the breach involved their vendor, Technology Management Resources (TMR). The TMR breach had been…
Category: Breach Incidents
More drama on a forum, and a slew of new databases dumped
It looks like the threat actor known as ShinyHunters was active again. It also looks like there was some drama about a sale of databases that was supposed to be exclusive but wasn’t, and databases and links to databases getting dumped. What databases, you wonder? Well, BleepingComputer reports on the Animal Jam database, and there…
PROOF POINTS: What happens when private student information leaks
Drawing upon the incredible work of Doug Levin and his K-12 Cybersecurity Resource Center, Jill Barshay of The Hechinger Report highlights some of Doug’s findings — findings the GAO relied heavily upon in their recent report. How you tabulate breaches can make a huge difference in the public’s — and Congress’s — understanding of the…
Patients need to be notified sooner of ransomware dumps
In the past year, we have seen a significant increase in the use of dedicated leak sites where ransomware threat actors post the names of victims and dump some of their data to pressure them to pay demanded ransom. In the U.S., HIPAA gives covered entities no more than 60 days from discovery of a…
Alibaba-Backed Bigbasket Suffers Major Data Loss in Cyberattack
Saritha Rai has more on the BigBasket breach reported this past week: Cyberattackers have stolen the personal details of million users of top Indian internet grocer Bigbasket, the latest e-commerce data breach to emerge as home-bound consumers flock online. Bigbasket co-founder and chief executive officer Hari Menon confirmed the attack, which was first reported by…
Luxottica has a lot more explaining to do
Update: My source was correct. On November 12, HHS added Luxottica’s report to their public breach tool. Luxottica reported, as a business associate, that 829,454 patients were impacted by the August breach. In September, we learned that the eyewear giant Luxottica had suffered a massive ransomware attack that resulted in its suspending operations in both…