As schools re-open, zoom-bombing continues to pose a threat. With districts planning to use virtual learning, you’d hope that they would have Zoom configured to prevent zoom-bombing that results in pornography or racist comments or other inappropriate content being disrupting programs. On Saturday, an urban New York school district found out it wasn’t adequately secured….
Category: U.S.
NC: Lawsuit: ‘Alarming’ data breach at Coastal Prep Academy exposed sensitive personal data
Benjamin Schachtman reports: According to a letter sent to parents by Coastal Preparatory Academy and a lawsuit filed in Superior Court, a former employee obtained extremely sensitive personal information about parents and students, including social security numbers, health and financial information, and employment records. The charter school has filed several civil actions to recover passwords,…
Report: “No Need to Hack When It’s Leaking:” GitHub Leaks of Protected Health Information
The message request showed up in my Twitter notifications: Hi There! 🙂 I see you have some experience in getting the right amount of attention for medicaid related data leaks. I have found admin credentials to some super sensitive medical billing processing system and get nothing but silence on all available contact channels and no…
Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack
Brian Krebs reports: R1 RCM Inc. [NASDAQ:RCM], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. Formerly known as Accretive Health Inc., Chicago-based R1 RCM brought in revenues of $1.18 billion in 2019. The company has more than 19,000 employees and contracts with at least 750 healthcare organizations nationwide. Read…
Hacker leaks data for U.S. gun exchange site on cybercrime forum
Lawrence Abrams reports: A hacker has released the databases of Utah-based gun exchange, hunting, and kratom sites for free on a cybercrime forum. On August 10th, a threat actor posted databases that they claim contain 195,000 user records for the utahgunexchange.com, 45,000 records for their video site, 15,000 records from the hunting site muleyfreak.com, and 24,000…
Medical records for cardiac patients left unsecured online
On August 2, a researcher contacted DataBreaches.net about a misconfigured Amazon s3 storage bucket they had discovered. The bucket contained more than 10,000 files, recently updated, with protected health information of patients seen by or involved with BioTel Heart cardiac data network. Sometimes it is easy to figure out the likely owner of an Amazon…