Ali Oromchian Esq of the Dental and Medical Counsel wrote the following piece: As technology evolves so do the risks to a dental practice especially when it comes to HIPAA and other related security breaches of sensitive data. When you own a dental practice, a data breach occurs when there has been unauthorized access to…
Category: Breach Incidents
AU: Security researcher pleads guilty in GoGet case
There’s an update to a case previously noted on this site in January, 2018. Rohan Pearce reports: Illawarra-based security researcher Nikola Cubrilovic has pleaded guilty to charges related to unauthorised access to the GoGet service and will be sentenced in May. Cubrilovic was arrested in January 2018 and charged with allegedly accessing a database the car-sharing…
Spanish Gym Franchise Database Exposed By Partner’s Data Breach
Bob Diachenko reports: On March 8th, 2019, I have identified a passwordless MongoDB database that was exposing sensitive information of an estimated 6,608 VivaGym job candidates and other business related data. VivaGym is a Spanish low-cost gym franchise operating in Spain and Portugal. At the moment of the discovery, database already had a ‘WARN’ collection,…
Woman Sues Northwestern Medicine Over Alleged Insider Wrongdoing that Exposed Her Medical Information on Twitter
Suzanne Le Mignot reports: A woman at the center of a lawsuit says Northwestern Medicine Regional Medical Group did not inform her of a privacy breach of her medical records until she called after seeing the records posted on social media. Gina Graziano calls it a breach of trust and said Northwestern should have better…
Database leaks 250K legal documents, some marked ‘not designated for publication’
Catalin Cimpanu reports: A database containing 257,287 legal documents, with some marked as “not designated for publication,” was left exposed on the public internet without a password, allowing anyone to access and download a treasure trove of sensitive legal materials. The database, which was left online for roughly two weeks, contained unpublished legal documents relating…
Bitcoin Ransomware Cripples Boston Legal System for Two Weeks
P. H. Madore reports: Boston public defenders suffered a ransomware attack some weeks back but have chosen not to send the bitcoin demanded by the attacker. Instead, they decided to use back-ups to restore services. The Committee oversees public defenders in Boston. According to the Boston Globe, that decision has meant a “weekslong slowdown” that…