Bill Toulas reports: The ransomware group known as “Babuk” has added Houston Rockets to its victim list, warning about the imminent leak of 500GB of stolen data if their payment demands aren’t met. The threat actors present screenshots of the exfiltrated files as proof of possession, showing what appears to be contracts, non-disclosure agreements, customer…
Category: U.S.
Brokerage firm agrees to $3 mln deal for New York cybersecurity rule violations
Sara Merken reports: Brokerage firm National Securities Corp has agreed to pay $3 million in a settlement with New York’s financial services regulator over shortfalls that resulted in four cybersecurity breaches involving unauthorized access to email accounts. Read more on Reuters. NY DFS’s press release: Superintendent of Financial Services Linda A. Lacewell announced today that…
Software developer charged with damaging the computer system of a Cleveland company
Acting U.S. Attorney Bridget M. Brennan announced that a federal grand jury sitting in Cleveland has returned an indictment charging Davis Lu, 51, of Houston, Texas, with one count of damaging protected computers. The Defendant is accused of using his position as a software developer to execute malicious code on his employer’s computer servers. The…
NY: Montefiore Medical Center discloses fourth insider-wrongdoing breach in seven months
Montefiore Medical Center in New York is notifying patients of yet another insider-wrongdoing breach. Read their press release below and then the comments after it. April 13, 2021 /PRNewswire/ — Today, Montefiore Medical Center is notifying some patients about a security breach involving information illegally accessed by a former employee. Categories of personal information accessed varied…
Baltimore County Public Schools takes responsibility for data breach that affected teachers
Tim Tooten reports: More than 2,500 of Baltimore County Public School system employees have had their personal information compromised and the district said it’s their fault. It follows a number of technology issues the school system has been dealing with since November. School officials said they learned about the technology failure in January, but letters…
Lawsuit accuses Pennsylvania addiction treatment center of failing to protect patient information from data hack
In February, HHS added an incident to their public breach tool involving Pennsylvania Adult & Teen Challenge, an addiction treatment center. In July, 2020, PPATC had discovered that an unauthorized individual had accessed some employee email accounts. A forensic investigation could not determine what information in those accounts had been accessed, and they wound up…