On March 12, DataBreaches reported on the Health Benefit Exchange Authority data that was first leaked by a forum user known as “IntelBroker” and then by “Denfur.” The DC Health Link incident attracted a lot of media attention because it involved members of Congress, their staff, and their families. As StateScoop reported today, DC Health…
Category: Breach Incidents
Data from Vietnam’s state-owned oil and gas group and affiliated firms leaked
Three Vietnamese firms involved in the petroleum industry and infrastructure may first be learning that some of their files are being given away freely on BreachForums. Forum user Kernelware posted a listing early Tuesday, identifying the firms as PetroVietnam, Long Son Petrochemicals, and POSCO Engineering & Construction. Kernelware’s post also notes, “…these are just the…
What’s new in ransomware gang pressure tactics? Not as much as you might think.
It’s hard to believe, but it has really been 17 years since PogoWasRight.org began blogging about breaches, and it’s been 14 years since this spinoff site, DataBreaches.net, opened. Since then, DataBreaches has often reported on criminals’ tactics to secure payment from victims, especially those in the healthcare sector. Thousands of archived posts on DataBreaches.net provide…
Notice of Privacy Incident of Historical Health Records – California Secretary of State
From the FAQ (both the FAQ and HTML version have occasional errors and label certain dates 2023 when they were 2022): 1. What happened? On December 23, 2022, the California Secretary of State (SOS) was notified by a researcher that the records they were provided to view contained records not older than 75 years. Pursuant…
Data Exfiltration Trends in Healthcare
From the Office of Information Security / HHS and the Health Sector Cybersecurity Coordination Center: Data Exfiltration Trends in Healthcare March 9, 2023
Another ransomware attack results in a HIPAA breach: Florida Medical Center
In a notice issued yesterday, Florida Medical Clinic (“FMC”) confirmed that unauthorized individuals gained access to its computer network and used ransomware to encrypt files. FMC detected suspicious activity on January 9, 2023, and the incident was fully contained within hours. FMC states they were able to “proactively isolate the exposure.” DataBreaches has sent them…