Evan Perez and Sean Lyngaas report: The FBI has been investigating and working to contain a malicious cyber incident on part of its computer network in recent days, according to people briefed on the matter. FBI officials believe the incident involved an FBI computer system used in investigations of images of child sexual exploitation, two…
Category: Breach Incidents
Annual Report to Congress on Breaches of Unsecured Protected Health Information For Calendar Year 2021- HHS OCR
From their report: Summary OCR received 609 notifications of breaches affecting 500 or more individuals, representing a decrease of 7% from the number of reports received in calendar year 2020. These reported breaches affected a total of approximately 37,182,558 individuals. The most commonly reported category of breaches was hacking, and the largest breach of this…
Update to the Des Moines Public School ransomware attack
For some students in Des Moines, Iowa, the return to school after the winter holidays was soon interrupted by a cyberattack that resulted in classes being canceled. But as classes continued to be canceled, it became clearer that restoration and recovery would not be quick. By January 11, two days after the announcement of school…
Bits ‘n Pieces (Trozos y Piezas)
ES: Cosmetics firm added by LockBit Skin and hair products firm Montibello has been added by LockBit3.0 to their leaks page. The listing was added on February 14th but without any filetree or proof. DataBreaches emailed Montibello to see if they would confirm or deny an attack but received no reply. There is nothing on…
MKS Instruments’ breach notification includes a surprising statement to reassure those affected
Well, this is a bit different. On February 13, MKS Instruments in Massachusetts (the U.S. parent company of the MKS and Atotech group of companies) became aware of a ransomware event. By February 16, they issued a notification letter to former and current employees who may have been affected. Their notification informed employees that, “While…
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Sergiu Gatlan has more on a claimed zero-day attack on Fortra’s GoAnywhere file transfer software. The attack, which Clop claimed responsibility for, has been linked to at least one confirmed victim, Community Health Systems, as first reported by DataBreaches.net. Gatlan reports that Fortra (formerly known as HelpSystems) disclosed to its customers last week that a new vulnerability (CVE-2023-0669)…