In what is likely making some people a bit nervous, the users database for RaidForums has been leaked on a forum. The database appears to date to September 2020. It contains entries for the site owner, Omnipotent, as well as moderators, and well-known users. DataBreaches spot-checked the database and found individuals with their known…
Category: U.S.
Insurance regulators examining Point32Health data breach
Sam Drysdale and Michael P. Norton report: State insurance regulators have opened an examination into a cyberattack on one of the state’s largest health insurance providers. The Division of Insurance is monitoring the Point32Health data breach, which may have compromised personal data including addresses, medical history and Social Security numbers of current and former Harvard…
New York county still dealing with ransomware eight months after attack
Brandon Vigliaro reports: The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency…
Defiant Johns Hopkins doctor testifies she shared private patient records because she feared Russia
Mike Hellgren reports: Defense attorneys for the two Maryland doctors accused of providing the private medical records of patients to help the Russian government rested their cases on Friday afternoon. The lawyer for Johns Hopkins anesthesiologist Dr. Anna Gabrielian only called his client to the stand in her own defense. The lawyer for her husband,…
NYSDFS Fines Lender and Mortgage Servicer $4.25M for Cybersecurity Failures Including Vendor Management
Joseph Lazzarotti of JacksonLewis writes: Yesterday, New York’s Department of Financial Services (“DFS”) announced another enforcement action under the state’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (“Reg 500”). According to the press release, OneMain Financial Group LLC (“OneMain”) will pay a $4.25 million penalty to New York State for alleged violations of Reg 500. In…
Tennessee Orthopaedic Clinics notifies HHS of breach; has yet to notify patients
An undated message on the Tennessee Orthopaedic Clinics website states that TOC recently responded to a security incident. They don’t say when they discovered it, but their investigation determined “that an unauthorized party accessed some of our systems between March 20, 2023, and March 24, 2023, and may have accessed or acquired certain files.” The…