Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact sufficient to confer standing to sue Injured Workers Pharmacy Inc. based on her allegation that information stolen from the…
Category: Breach Incidents
BlackCat continues attempting to extort healthcare entities
BlackCat has been busy and continues to attack the healthcare sector here and abroad. Visitors to their leak site this week saw listings for: Coachella Valley Collection Service, a service that provides debt collection services, including “medical, retail, commercial, judgment, and check debt collection.” BlackCat (aka AlphV) claims to have acquired 575 GB of data including…
I had been chatting with a blackhat. They had been working with a whitehat. We were both dealing with the same person.
On April 18, DataBreaches reported that more details had emerged on the arrest of three men by Dutch police in January. The three were suspected of hacking and extorting victims in the Netherlands and elsewhere, obtaining and selling data online, and money laundering. A fourth person linked to the suspects known as “DataBox” had previously…
At least 100,000 could have had data exposed after US health department was hit by global MOVEit cyberattack
Sean Lyngaas reports: At least 100,000 people could have had their data compromised by a hack of contractors at the Department of Health and Human Services, a department official said Thursday, making it the latest US government agency to be caught up in a sweeping cyberattack connected to Russian cybercriminals. HHS notified Congress of the breach on…
Costs of some 2022 ransomware attacks: Whitworth University hit with federal lawsuit, Little Rock School District tallies its costs
Whitworth University may start experiencing more legal costs stemming from a ransomware attack in 2022. Kip Hill reports: A Whitworth University student is asking a federal judge to approve a class action against the school for damages stemming from a ransomware attack discovered in July 2022 that affected more than 65,500 people. The lawsuit, filed…
Barrow County notifies people of a breach that began more than a year ago
Barrow County in Georgia issued a breach notice about a breach of its email environment that occurred between March and August of 2022. Its notification, posted on its website, states, in part: The type of information at issue varied for each individual, but included a variation of the following: name; date of birth, Social Security…