Turner Wright reports: Joseph Sullivan, a former Chief Security Officer at Uber, allegedly tried to cover up a 2016 hack of sensitive data by funneling a hush money payment of $100,000 in Bitcoin through a bug bounty program. The hackers had obtained the drivers’ license numbers of roughly 600,000 Uber drivers as well as private…
Category: U.S.
Medical Data of Auto Accident Victims Exposed Online
Jeremiah Fowler reports: On July, 7th I discovered 2.5 million records that appeared to contain sensitive medical data and PII (Personally Identifiable Information). The records included names, insurance records, medical diagnosis notes, and much more. Upon further research, there were multiple references to an artificial intelligence company called Cense. The records were labeled as staging…
NY: RCSD reopening forum hacked on Zoom
As schools re-open, zoom-bombing continues to pose a threat. With districts planning to use virtual learning, you’d hope that they would have Zoom configured to prevent zoom-bombing that results in pornography or racist comments or other inappropriate content being disrupting programs. On Saturday, an urban New York school district found out it wasn’t adequately secured….
NC: Lawsuit: ‘Alarming’ data breach at Coastal Prep Academy exposed sensitive personal data
Benjamin Schachtman reports: According to a letter sent to parents by Coastal Preparatory Academy and a lawsuit filed in Superior Court, a former employee obtained extremely sensitive personal information about parents and students, including social security numbers, health and financial information, and employment records. The charter school has filed several civil actions to recover passwords,…
Report: “No Need to Hack When It’s Leaking:” GitHub Leaks of Protected Health Information
The message request showed up in my Twitter notifications: Hi There! 🙂 I see you have some experience in getting the right amount of attention for medicaid related data leaks. I have found admin credentials to some super sensitive medical billing processing system and get nothing but silence on all available contact channels and no…
Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack
Brian Krebs reports: R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc., Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide. Read…