André Orban reports: KLM and Air France have reported a data breach involving unauthorised access to customer data on an external customer service platform. The incident did not affect the airlines’ internal systems, and no sensitive information (such as passwords, travel details, passport numbers, Flying Blue miles, or credit card data) was compromised. The breach…
Category: Breach Incidents
Google reveals it became one of the Salesforce attack victims in June
Lawrence Abrams reports: In June, Google warned that a threat actor they classify as ‘UNC6040′ is targeting companies’ employees in voice phishing (vishing) social engineering attacks to breach Salesforce instances and download customer data. This data is then used to extort companies into paying a ransom to prevent the data from being leaked. In a brief update…
More than 1 million patients affected by DaVita ransomware attack; those are preliminary numbers
UPDATE of August 22, 2025: On August 21, HHS added a listing for this incident that indicates that DaVita reported the incident to HHS on August 1, 2025 as affecting 2,689,826 patients. Previous post: There is an update to the ransomware attack involving DaVita Dialysis first reported in April. According to DaVita’s disclosures this month, …
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest? (1)
When DataBreaches was a kid, the “new math” they were experimenting with had us learning binary and other systems. It didn’t go over well with us, our teachers, or our parents back then. Now the “new math” for me is UNCs — specifically 6040, 5537, 3944, and 6240. 6040+5537+3944 +6240 = Scattered Spider + ShinyHunters…
HCA Healthcare settled two lawsuits this week; one was over its 2023 data breach
Steve Alder reports: HCA Healthcare Inc. has agreed to settle class action litigation stemming from a July 2023 data breach that was reported to the HHS’ Office for Civil Rights as affecting 11,270,000 patients. The affected individuals had received healthcare services at HCA hospitals and doctors’ offices in 20 U.S. states. HCA Healthcare was targeted by hackers…
Highlands Oncology Group notifies 113,575 people after ransomware attack by Medusa
On August 1, Highlands Oncology Group in Arkansas notified the Maine Attorney General’s Office of a ransomware attack it discovered on June 2, when certain files and systems were inaccessible. Investigation into the incident revealed that there had been unauthorized access at times between January 21, 2025, and June 2, 2025. On June 19, the…