From the U.K. Information Commissioner’s Office: Warning comes after the ICO reprimands seven organisations in the past 14 months for data breaches affecting victims of domestic abuse. Most cases related to organisations inappropriately disclosing the victim’s home address to alleged perpetrators. Commissioner urges organisations to take responsibility for training their staff and putting appropriate systems…
Category: Breach Incidents
AlphV claims to have hit MNGI Digestive Health — developing
MNGI Digestive Health (MNGI) in Minnesota is a physician-owned multi-center gastroenterology practice that has been recognized for its excellence. MNGI was previously known as Minnesota Gastroenterology, P.A., and was created by partnership of three independent practices: Digestive Healthcare, Gastroenterology Consultants, and St. Paul Gastroenterology. Unfortunately, excellence in medical practice and care does not immunize a…
Ransomware group claimed to have hit a New Jersey cardiology group. Did they?
On September 2, the NoEscape ransomware group added Mulkay Cardiology Consultants to their leak site and claimed to have successfully encrypted them. “We have 60GB of confidential and personal data on more than 30,000 patients, scans, doctor’s conclusions about patients and many other confidential information,” they claimed in their listing about the New Jersey medical…
Pain Care Specialists may be feeling the pain of a ransomware attack
It appears that Pain Care Specialists in Oregon became the victim of an attack by AlphV. The threat actors added the medical entity to their leak site earlier today with some files with personal information on employees and patients. AlphV’s listing noted that the breach occurred on September 13, and, “As a result of our…
Crown Point schools 2022 ransomware attack cost $1M to resolve
Adrian Martinez-De la Cruz reports that Crown Point Community School Corp. Superintendent Todd Terrill provided an update on the ransomware attack last November that cost the district about $1 million to resolve. The superintendent said the breach occurred after an employee fell for a phishing attack. The district decided to pay the attackers, and “a payment…
Freestyle Must Defend Lawsuit Following Data Breach, Judge Rules
Skye Witley reports: Internet commerce services vendor Freestyle Solutions Inc. must face a trimmed-down lawsuit alleging it misled customers about its cybersecurity practices before hackers gained access to its network, a federal New Jersey court ruled. Freestyle succeeded in dismissing most of the claims, including negligence, but will have to defend issues surrounding its contract language, Judge Susan…