The Irish Examiner reports: Dublin Midlands Hospital Group has confirmed an isolated ransomware attack at the Midlands Regional Hospital in Tullamore yesterday. There was no impact on patient care following the attack, which affected the Laboratory Information System. There is also no evidence of other parts of the wider health service being affected by the…
Category: Breach Incidents
A leaky database of SMS text messages exposed password resets and two-factor codes
Zack Whittaker reports: A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more. The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to…
One in five Magecart-infected stores get reinfected within days
Catalin Cimpanu reports: Online stores that have been infected with the Magecart malware –known to record and steal credit card details from checkout forms– often get reinfected after clean-up operations, a recent report has revealed. “In the last quarter, 1 out of 5 breached stores were infected (and cleaned) multiple times, some even up to…
Do you login to merchant sites using your FB or Google credentials? The Annex Cloud breach may have affected you.
Hmm. This one could result in big numbers. A notification from Title Nine about Annex Cloud. Annex Cloud is a service provider that you may never have heard of but may have used many times. The notification explains: Annex Cloud provides a service that enables individuals to use their user name and password from social media…
LPL Financial notifying advisors after Capital Forensics, Inc. was hacked
LPL Financial has sent a notification about a third-party hack that was shared with DataBreaches.net by a reader. The hack involving Capital Forensics, Inc. has reportedly affected a number of that vendor’s clients (but not all clients). From their November 9th notification to advisors, LPL writes: *What Happened* LPL works with a firm called Capital…
Italian prosecutors have given up on catching the person who hacked and destroyed Hacking Team
Cory Doctorow reports: Hacking Team (previously) was an Italian company that developed cyberweapons that it sold to oppressive government around the world, to be used against their own citizens to monitor and suppress political oppositions; in 2015, a hacker calling themselves “Phineas Fisher” hacked and dumped hundreds of gigabytes’ worth of internal Hacking Team data,…