On October 16 and 17, the ScatteredLAPSUS$Hunters Telegram channel repeatedly violated Telegram’s TOS by leaking personal information on people — and in this case, information on employees of the Department of Justice (DOJ/FBI), U.S. Attorneys Office (DOJ/USAO), the Department of Homeland Security (DHS), and the Federal Aviation Authority (FAA). DataBreaches did not report on it…
Category: U.S.
Massachusetts hospitals Heywood, Athol say outage was a cybersecurity incident
Joseph Topping reports: Heywood Hospital and Athol Hospital said a network outage this week was caused by a cybersecurity incident. The hospitals said they took affected systems offline and engaged a third-party cybersecurity firm. The facilities—Heywood Hospital in Gardner, Massachusetts, and Athol Hospital in Athol, Massachusetts—remain open and caring for patients; earlier in the week…
Data BreachesProsper Data Breach Impacts 17.6 Million Accounts
Ionut Arghire reports: More than 17 million individuals were likely impacted by a data breach at peer-to-peer lending marketplace Prosper, data breach notification service Have I Been Pwned warns. Prosper disclosed the incident last month, noting that hackers accessed its network and stole confidential, proprietary, and personal information from its systems. According to the US-based…
Heritage Provider Network $49.99M Class Action Settlement
Nicole Aljet reports an update on a data breach that had been disclosed by Regal Medical Group in February 2023. Current and former patients who received a notice in early 2023 stating a data breach involving Heritage Provider Network or its affiliates may have exposed their personal or medical information could qualify to claim a cash payment…
Integris Health Agrees to $30 Million Settlement Over 2023 Data Breach
Lauren Giella reports: Oklahoma health system Integris Health reached a $30 million settlement in a data breach class action lawsuit that impacted over two million people over two years ago. This agreement settles a class action lawsuit filed in the U.S. District Court for the Western District of Oklahoma that accuses Integris of negligence after…
Oracle silently fixes zero-day exploit leaked by ShinyHunters
Lawrence Abrams reports: Oracle has silently fixed an Oracle E-Business Suite vulnerability (CVE-2025-61884) that was actively exploited to breach servers, with a proof-of-concept exploit publicly leaked by the ShinyHunters extortion group. The flaw was addressed with an out-of-band security update released over the weekend, which Oracle said could be used to access “sensitive resources.” “This…