An unknown party or parties who created a leak site with nude photos and medical records of a well-known plastic surgeon’s patients have uploaded more of his patients’ photos and records. In what was their third update to the leak site since June 5, those responsible wrote that they have changed their strategy. Before publishing…
Category: Breach Incidents
Teachers Insurance and Annuity Association of America notifying 2,630,717 after PBI alerts them to MOVEit breach
As those trying to monitor and analyze the massive MOVEit breach are already aware, the Teachers Insurance and Annuity Association of America (“TIAA”) provided university faculty retirement benefits to a number of colleges and universities. The TIAA part of the breach was not a direct attack on the vendor’s systems. TIAA was notified by its vendor,…
VirusTotal: We’re sorry someone fat-fingered and exposed 5,600 users
Jessica Lyons Hardcastle reports: VirusTotal today issued a mea culpa, saying a blunder earlier this week by one of its staff exposed information belonging to 5,600 customers, including the email addresses of US Cyber Command, FBI, and NSA employees. The unintentional leak was due to the layer-eight problem; human error. On June 29, an employee accidentally uploaded…
Now a third plastic surgery practice has nude patient photos leaked
Earlier this week, DataBreaches reported that two plastic surgery practices in California had both suffered cyberattacks. When the doctors did not pay ransom demands, attackers leaked nude patient pictures and patient info. One attack was by AlphV (BlackCat) on Beverly Hills Plastic Surgery. The other attack was by an unnamed group or individual on Gary…
Recycling giant TOMRA pulls systems offline following ‘extensive cyberattack’
Paul Kunert reports: Norwegian mining and recycling giant TOMRA says it has isolated tech systems as it deals with an “extensive cyberattack.” TOMRA has multiple divisions that focus on areas including waste and recycling solutions, metal sorting systems, mining machine systems and food sorting equipment. It turned over $1.2 billion in calendar 2022. Read more…
Payroll Services Provider UKG Agrees to $6 Million Settlement in Data-Breach Lawsuit
James Rundle reports: Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation that emerged from the incident. A ransomware strike in December 2021 forced parts of UKG’s Kronos Private Cloud product offline, disrupting software that tracked employee hours during the Christmas holiday period….