Copies of fax cover letters from three pharmacies found exposed in an unsecured Amazon s3 bucket Faxes reveal patients’ names, addresses, dates of birth and their medications and doctors’ names Audio recordings in the second unsecured bucket reveals marketers claiming to represent firms that do not appear to exist as they try to get consumers…
Category: Breach Incidents
New malware Xwo can swipe all your credentials at once
What Xwo Does Xwo is not your typical ransomware that holds your data hostage nor cryptocurrency miner that takes command of your processing power for its own devices. Instead it scans systems looking for saved credentials and exposed services. Everything it finds, it sends back to the control server. Xwo is not the thief stealing…
Hacker site’s incriminating database published online by rival group
Dan Goodin reports: Hackers from Raidforums recently breached the site of rival hacking forum Cracked.to and spilled data for more than 321,000 of its members. The hackers did so while some of their victims were discussing cracking Fortnite accounts, selling software exploits, and engaging in other potentially illegal activities. In all, the dump posted on…
Sweet Chat: Chinese ‘Tinder’ with 10M users, exposed chats and private photos
Darryl Burke wrote: Sweet Chat, an Android based chatting and photo sharing application with over 10 million users, has been exposing its users chat content, and photos on an unsecured server. By using common MQTT related tools anyone can view real-time, the chats and private photos of all online Sweet Chat users. Review of the…
Do your office staff and answering service know how to respond to a notification?
Over the years, there have been numerous occasions when I’ve called a doctor’s office or service to alert them to a data leak or HIPAA breach. In some cases, I’ve reached office staff. In other cases, it may be an answering service. All too often, however, most of the people who have taken my calls…
Delta Airlines sues [24]7.ai over 2017 data breach
Those with good memories may recall that in April, 2018, we learned that hundreds of thousands of customers of Delta Airlines, Sears, Kmart, and BestBuy were impacted by a breach involving [24]7.ai – a California headquartered service that provides online customer chat for their clients’ web sites. The breach occurred between September 26 and October…