On July 26, DataBreaches reported that DESORDEN had attacked Ranhill Utilities Berhad, a provider of water and power supply in Malaysia. At the time, DESORDEN claimed, in part: The initial data breach was initiated on Nov 2021. For over 18 months, DESORDEN has been in their systems. On 17th July 2023, our group infiltrated their…
Category: Breach Incidents
Prime Therapeutics/Magellan Rx discloses HIPAA breach
Prime Therapeutics administers prescription drug benefits and is a diversified pharmacy solutions organization serving health plans, employers and government programs. It is owned by 19 Blue Cross and Blue Shield Plans, subsidiaries or affiliates of those plans. Magellan Rx Management, one of their companies, serves public sector state government programs. According to a press release…
Forever 21 notifies 540,000 of breach affecting employees enrolled in firm’s health plan
In 2017, fashion retailer Forever 21 experienced a malware attack on its card payment system that compromised customers’ payment cards. The breach was an embarrassment on a number of levels because the attacker had access to their system for about 7 months, and Forever 21 did not seem to have discovered the breach on their…
Developing: Hospital Sisters Health System and Prevea Health hit by cyberattack
Yesterday, DataBreaches received a phone call from an employee at St. Vincent Hospital in Green Bay, Wisconsin. The employee was asking if we knew anything about a cyberattack on Hospital Sisters Health System (HSHS) and stated that everything had been down for two days but the employees were not really being given information other than…
El Salvadoran database raises questions of possible political intrigue
A database listed for sale on a popular hacking forum may raise some political questions for El Salvadorans. On August 16, a listing offered 114GB of files with facial photos and 5.1 million records with El Salvadorans’ “full name, dui, date of birth, address, telephone, email and hd photo of the face.” DataBreaches was contacted…
Two more attacks involving sensitive data: a plastic surgery center in Brazil and a psychiatric hospital in Lithuania
Although it’s impossible for DataBreaches to really monitor for attacks on medical entities around the world, here are two non-U.S. ones recently spotted that both involve sensitive data. Plastic Surgery Practice in Brazil This week, DataBreaches spotted a listing for data from a Brazilian plastic surgery practice. The seller, who calls himself “TheSnake,” claims to…