What happens when threat actors leak data on the dark web but the victim entity doesn’t access it in time to figure out what was leaked? That’s what happened to PruittHealth in Georgia last year. How many people are they notifying because they can’t figure out what was accessed, acquired, or leaked? In November 2023,…
Category: U.S.
Numotion data breach affected 602,265 patients
In March 2023, United Seating and Mobility, LLC, d/b/a Numotion (“Numotion”) paid the government $7 million to resolve allegations that it made false claims in submitting reimbursement requests to Kentucky Medicaid, two of Kentucky Medicaid’s Managed Care Organization contractors (MCOs), MO HealthNet (Missouri Medicaid), and D.C. Medicaid (archived). Numotion is a nationwide provider of durable…
Data breach involving two former Kalamazoo employees under criminal investigation
Here’s your occasional reminder about insider-wrongdoing breaches. Katie Sergent reports: City officials notified all staff of a data breach impacting about 250 current and former city employees, according to Kalamazoo Communications Manager Michael Smith in a statement to News Channel 3 Wednesday. The breach involved two former city employees, and was discovered on March 28…
Google Database Reveals Thousands of Privacy Incidents
Joseph Cox reports: Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported privacy incidents, according to a copy of an internal Google database which tracks six years worth of potential privacy and…
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and…
Davis County high school students are hacking the hackers behind phishing schemes
Don Brinkerhoff reports: A group of high school juniors in Davis County are hacking the hackers to protect phishing victims. “All my friends and peers around me got hacked,” said Charles Mortensen a Davis County student. Mortensen said in one case, a friend who’s in foster care had her Instagram account hacked. That was the…