Sara Merken reports on a lawsuit stemming from a ransomware attack last year that potentially impacted almost 400,000 patients: A federal judge in Alabama dismissed a proposed class action against a major provider of dental services for children in the state that suffered a ransomware attack last year, concluding the plaintiffs lacked standing. U.S. District…
Category: Breach Incidents
Whose data are these — and are they real? NightLion v. Troia, Round 2
July 28 — Please see the correction notice and update at the bottom of this post. On Sunday, a person or persons calling themself “NightLion” revealed that they had hacked DataViper.io. Data Viper is a service its founder, Vinny Troia, describes as “A Threat Intelligence Platform Designed To Provide Organizations, Investigators, And Law Enforcement With…
Judge asks prosecutors if they have any real evidence against alleged LinkedIn hacker Yvgeniy Nikulin
Russian national Yevgeniy Nikulin has been in custody for four years now on charges he hacked LinkedIn, Dropbox, and the now-defunct FormSpring in 2012. His trial was scheduled to begin in a federal court in California in March, but then the coronavirus pandemic delayed it. The trial finally got going, but how solid is the…
“Keeper” Magecart Group Infects 570 Sites — Gemini Advisory Researchers
Yesterday, Gemini Advisory released a report on some of its research into what they are calling the “Keeper” Magecart Group. Their findings are simultaneously impressive and concerning. From their report, this summary of their key findings: Gemini discovered that the “Keeper” Magecart group, which consists of an interconnected network of 64 attacker domains and 73…
University of Michigan: Leaked emails, passwords were from ‘3rd-party data breaches’
Nisa Khan reports: University of Michigan students got a scare Friday night: warnings circulating on social media about an apparent data breach leaking their U-M email addresses and passwords. On Saturday, the University of Michigan released a statement saying the information was from older “third-party data breaches, such as Chegg, Zynga, LinkedIn” where users used their student emails to sign…
NY Employment Nonprofit Client Data Potentially Exposed
Rick Moriarity reports: A data breach at CNY Works may have exposed the names and Social Security numbers of 56,000 people who have used the nonprofit agency’s services to find jobs. Clients potentially impacted by the breach began receiving letters from the agency this week warning that files targeted by a suspected ransomware attack on the agency’s…