Jeremiah Fowler reports finding a non-secured database with more than 25,000 records, many with sensitive information: The unsecured database contained internal screenshots of source code as well as customer documents that were stored in uploads folders. These documents include: US Federal and State tax filings, passports, driver licenses, birth and marriage records, business documents, denied…
Category: Breach Incidents
Gates Corporation (no, not THAT Gates) discloses a ransomware attack
Gates Corporation in Denver describes itself as a leading manufacturer of application-specific fluid power and power transmission solutions. On July 7, its external counsel filed a notice of a breach with the Maine Attorney General’s Office. According to the notification, 11,090 people were affected by a ransomware attack that occurred on February 11. The firm’s…
“Almost everything you have posted in your news article about this incident is a total crap” — BlackCat to Bangladeshi news outlets
On June 23, using the greeting that Hive ransomware always used in emailing victims, AlphV wrote to the Bangladesh Krishi Bank (BKB). Typos, grammar, and spelling as in the original: Hello,Ladies and Gentlemen! This is ALPHV Ransomware Team. We are here to inform you about data breach which took place at the “Bangladesh Krishi Bank”…
Au: Atherfield Medical & Skin Cancer Clinic victim of cyberattack by Cyclops
Australia has experienced a number of significant cyberattacks on healthcare entities in the past few years. Now a relatively new ransomware group, Cyclops, claims to have attacked Atherfield Medical & Skin Cancer Clinic in Australia: In Cyclops’ listing (above), there is a date of June 29, which appears to be the date they uploaded…
Why ransomware groups are targeting Indian pharma companies and the healthcare sector; ClearMedi allegedly hacked
Naandika Tripathi reports: Just three months after a ransomware attack pulled down India’s largest drugmaker, Sun Pharmaceuticals, the threat actors went after another pharma company. Hyderabad-based Granules India was notified of a significant loss of revenue and profitability due to a cybersecurity attack in the last week of May. […] From Dr. Reddy’s to the…
Imagine360 discovers that two of its file-sharing platforms were hit within days of each other.
With all the big attacks on third-party vendors, it’s not surprising that some entities are reporting two or more breaches in a short period of time. Imagine360, LLC, is a self-funded health plan for employers. On or around January 30, Imagine360 identified unusual activity within Citrix, its third-party file-sharing platform. Imagine360 terminated access to the…