This is normally where we might say “Happy Thanksgiving,” and focus on what we’re grateful for this year. And I do hope everyone who has plans to be with their family or friends today gets there and has a wonderful day. But I also know that many families are suffering right now. Some have loved…
Category: Breach Incidents
A cyberattack on a U.K. accounting firm wound up leaking U.S. patient data. Now what?
DataBreaches would have passed over a listing on LockBit3.0’s site if Brett Callow hadn’t kindly called our attention to it. The listing by the threat actors was for HSKS Greenhalgh Chartered Accountants and Business Advisors, and LockBit claimed to have exfiltrated 168 GB of files with: Employees (NIN numbers, passport scans, ID scans, Employee forms…
NoEscape gang continues to use DDoS to pressure reluctant victims to negotiate
Over on SuspectFile, Marco A. De Felice reports that the NoEscape ransomware gang is threatening to release 1.5 TB of data from PruittHealth Network. De Felice was unable to obtain any statements or responses from either PruittHealth or the threat actors, but notes that the threat actors claim to have attacked Pruitt on November 13…
Was Yakima Valley Radiology the victim of a cyberattack? They’re not answering that.
On September 24, Karakurt threat actors added Yakima Valley Radiology PC to their leak site. Their listing claimed that they acquired 9.31 GB of files including “financial reports, client lists with contacts, list of patients for 15 years (212579 rows), a database of social security numbers (including staff, doctors) with 766000 rows.” Karakurt did not…
States settle with Morgan Stanley for $6.5 million over data security incidents
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York and Vermont. To view a copy of the agreement, click here. Source: MyFloridaLegal.com
Systems East, Inc. notifies 209,000 consumers after database with some payment card info was hacked
It’s not often DataBreaches reads a breach disclosure that reports the theft of already-encrypted data, but a notification by Systems East, Inc. (SEI) in New York reported one such incident. SEI, which provides e-payment solutions and online payment processing services, notified consumers that on August 25, an unknown individual accessed certain systems on SEI’s network….