Haya Panjwani reports: A data breach at UH [University of Houston] graduation cap and gown vendor, Herff Jones, has some students’ bank information compromised. Mariah Ochoa, a psychology senior, tweeted about her debit card information being stolen on Sunday, and received numerous replies of students having similar experiences. “I ordered my cap and gown back in February…
Category: U.S.
MA: Concord data breach affected about 70,000 across the country; hard drives still missing
Robert Fucci reports that Concord, Massachusetts is first notifying 70,000 people whose information was on 108 hard drives that went missing in 2019. It’s taken them until now to figure out whom to notify, it seems. “We’ve been waiting on some data from our attorney who has worked on this with us,” Crane said. “We…
200K Veterans’ Medical Records Exposed, But Were They Also Exfiltrated?
Becky Bracken reports: A database filled with the medical records of nearly 200,000 U.S. military veterans was exposed online by a vendor working for the Veterans Administration, according to an analyst, who also presented evidence the data might have been exfiltrated by ransomware attackers. The VA for it’s part said that the evidence may point to…
It seems we are not yet done hearing about the Netgain Technology breach (with updates)
And another (7/1) CentraCare Health and Carris Health – Willmar Lakeland Clinic (formerly known as Family Practice Medical Center) And another (6/16) Imperial Beach Community Clinic (Health Center Partners of Southern California (“HCP”) And another (6/14) Family Health Centers of San Diego (Health Center Partners of Southern California (“HCP”) And another (6/8) Minnesota Community Care …
Negotiations fail, threat actors dump more data from Metropolitan Police D.C.
This morning’s routine check of leak sites discovered a listing on Babuk threat actors’ leak site that many people have probably dreaded. The message under the shield says: “The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers, you can download…
Data from Indiana and Oregon school districts dumped by ransomware threat actors
Updated March 7, 2022: On March 6, Logansport Community School Corp. reported the incident to the Maine Attorney General’s Office as impacting 2,750 people. Previous post: This week, two sets of threat actors dumped data from K-12 school districts in Indiana and Oregon. Both districts had disclosed ransomware incidents in April. Logansport Community School Corp…