Matt Kapko reports: A ransomware attack against San Francisco’s Bay Area Rapid Transit exposed highly sensitive and personal data after a threat group leaked the records Friday. The nation’s fifth-largest transit system by ridership, and largest in California, remains operational. Vice Society, a prolific ransomware group, claimed responsibility for the attack on Friday when it…
Category: U.S.
Update about an alleged incident regarding Twitter user data being sold online
From Twitter, today: …. In response to recent media reports of Twitter users’ data being sold online, we conducted a thorough investigation and there is no evidence that data recently being sold was obtained by exploiting a vulnerability of Twitter systems. We also want to share an update about an incident that took place earlier this year,…
TX: West Oaks Eyecare discloses malware incident
On November 7, West Oaks Eyecare in Texas discovered one of their computer systems had been encrypted by malware. Their investigation into the incident indicated that the threat actor(s) may have accessed patient billing information: We thoroughly reviewed the files involved to determine what information they contained. Based on our review, we identified files that…
Maryland State Trooper leaked information to drug distributor, affidavit alleges
Troy Pope reports: A Maryland State Trooper was arrested after investigators say he tipped off a drug distributor, taking money for the information. The trooper has been identified as Justin Riggs, a 10-year veteran of the Maryland State Troopers. Read more at WUSA9, keeping in mind that people are innocent until proven guilty.
Captify’s Your Patient Advisor advises more than 244,000 consumers of payment card breach
Your Patient Advisor by Captify started notifying people in mid-December of a security breach that occurred in 2019 and continued for years. Captify Health (“Your Patient Advisor”) is an online retailer of colonoscopy preparation kits. In March of 2021, they were contacted about the fraudulent use of consumer credit cards potentially related to their payment…
Identity Thieves Bypassed Experian Security to View Credit Reports
Brian Krebs reports: Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history. But until the end of 2022, Experian’s…