An established forum user on Breached.vc uploaded what they claim is the [SPPS] Saint Paul Public Schools District Directory for free download. In describing what they refer to as an attack on February 13 to February 14 leading to a data breach, they write: Reasons for leak: Insecuring their Google Directory; Not Forcing stronger passwords…
Category: Breach Incidents
Arizona Priority Care and AZPC Clinics notify 10,978 patients of malware attack
Arizona Health Advantage, Inc. d/b/a Arizona Priority Care and AZPC Clinics, LLC (“APC”) are healthcare providers and business associates. On February 1, they notified HHS of an incident that affected 10,978 patients. As a business associate, their report to HHS was filed on behalf of Alignment Health Plan of Arizona, Inc. and Alignment Health Insurance…
B&G Foods attacked by Daixin Team; files leaked
B&G Foods describes itself as a “multibillion dollar company with more than 50 brands and one purpose: Delicious food from our family to yours.” Some of the California firm’s brands are Crisco, Green Giant, Cinnamon Toast Crunch, Cream of Wheat, and Vermont Maid Syrup. But a recent cyberattack by Daixin Team has allegedly resulted in…
Clop ransomware claims to be behind GoAnywhere zero-day attacks
Sergiu Gatlan reports: The Clop ransomware gang claims to be behind recent attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organizations. The security flaw, now tracked as CVE-2023-0669, enables attackers to gain remote code execution on unpatched GoAnywhere MFT instances with their administrative…
UMass Memorial Health settles lawsuit claims from 2020 hack
Another week, another litigation settlement. Top Class Actions reports that UMass Memorial Health Center agreed to pay $1.2 million to resolve claims it failed to protect consumers from a hacking incident and data breach that occurred from June 24, 2020 to January 7, 2021. UMass informed consumers of the breach in October 2021. The breach…
Bits ‘n Pieces (Trozos y Piezas)
UY: Thomas J. Shandy Attack Claimed by AvosLocker The firm of Thomas J. Schandy has been listed on the leak site for AvosLocker. The February 5 listing claims that the threat actors have about 100 GB of information from the firm which states that their “jurisdiction has particular emphasis on all the national ports of…