Post Bulletin reports: Rochester Public Library was notified that one of its library service partners, MNLINK, experienced a data breach on Dec. 15, 2022. Through the random cyber attack, the names and email address of 1,709 Rochester library customers might have been accessed. Read more at Post Bulletin.
Category: U.S.
CMS Responding to Data Breach at Subcontractor
I cannot remember any other breach where CMS actually issued those affected new Medicare numbers and cards, but it happened in this one: A Centers for Medicare and Medicaid (CMS) subcontractor was the victim of a ransomware attack in October. The full press release follows: The Centers for Medicare & Medicaid Services (CMS) is responding…
HHS Civil Rights Office Enters Settlement with Dental Practice Over Disclosures of Patients’ Protected Health Information
From HHS, resolution of a complaint they received in 2017: The Office for Civil Rights (OCR) has settled with B. Brandon Au, DDS, Inc., d/b/a New Vision Dental (New Vision Dental), in California, over the impermissible disclosure of patient protected health information (PHI) in response to online reviews, and other potential violations of the Health…
Former Twitter employee sentenced to more than three years in prison for spying for Saudi Arabia
Kevin Collier reports: A former Twitter employee found guilty of spying on users on behalf of the Saudi royal family has been sentenced to three and a half years in prison. Ahmad Abouammo, a dual U.S.-Lebanese citizen who helped oversee media partnerships for Twitter in the Middle East and North Africa, was part of a scheme to…
HC3: Analyst Note: LockBit 3.0 Ransomware
Report: 202212121700 LockBit 3.0 Ransomware December 12, 2022 Executive Summary LockBit 3.0 is the newest version of the LockBit ransomware that was first discovered in September 2019. The ransomware family has a history of using the Ransomware-as-a-service (RaaS) model and typically targets organizations that could pay higher ransoms. Historically, this ransomware employs a double extortion…
FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked
Brian Krebs reports: InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Meanwhile, the hackers responsible are communicating directly…