On October 16 and 17, the ScatteredLAPSUS$Hunters Telegram channel repeatedly violated Telegram’s TOS by leaking personal information on people — and in this case, information on employees of the Department of Justice (DOJ/FBI), U.S. Attorneys Office (DOJ/USAO), the Department of Homeland Security (DHS), and the Federal Aviation Authority (FAA). DataBreaches did not report on it…
Category: Breach Incidents
Attorney General James Secures $14.2 Million from Car Insurance Companies Over Data Breaches
NEW YORK – New York Attorney General Letitia James today secured $14.2 million from eight car insurance companies for failing to protect the private information of more than 825,000 New Yorkers. The data breaches were part of a hacking campaign that targeted car insurance companies’ quoting tools and stole people’s personal information, including driver’s license…
Months After Being Notified, a Software Vendor is Still Exposing Confidential and Sealed Court Records
In a special edition of “No need to hack when it’s leaking,” DataBreaches reports on a software vendor that, despite multiple attempts by multiple parties, continues to expose confidential and sealed court records. Overview As a matter of policy, DataBreaches does not publish unredacted stolen or leaked data if it would expose personally identifiable or…
From sizzle to drizzle to fizzle: The massive data leak that wasn’t (1)
After days of endlessly urging Salesforce or companies to pay them so that their data would not be leaked, the deadline for Salesforce to pay came and went. And as it went, ScatteredLAPSUS$Hunters leaked data from six of the 39 companies listed on its dark web leak site. But that’s where the massive leak that…
In a few days, the PowerSchool hacker will learn his sentence, and his life as he has known it will end. (1)1)
In November 2021, when “g0retrance” defaced the website of the Massachusetts Interscholastic Athletic Association (MIAA) with a message saying “PWNED,” the hacker, who also used the moniker “netsaosa,” left a message under it “should have listened to my emails instead of ignoring me … don’t worry, this is harmless. just to get ur attention :)” Boston.com…
Watsonville Community Hospital had a data breach — or two. It would be helpful to know which.
On December 8, 2024, DataBreaches reported that Watsonville Community Hospital in California was continuing to respond to what they referred to as a cyberattack on November 29. No gang had claimed responsibility at that point, patients hadn’t been notified yet, and the hospital wasn’t stating whether the attack involved encryption of any files. Weeks later,…