Yesterday, I reported that three unidentified patient databases had been put up for sale on the darknet on TheRealDeal market. I was subsequently able to have a chat with TheDarkOverlord (the hacker/seller) about the hacks and the refusal of the victims to pay the extortion demands. You can read more of what TheDarkOverlord shared with me…
Category: U.S.
Trying to get Maricopa County to respond to a privacy concern? Good luck with that!
As I’ve lamented (ok, bitched) many times: trying to notify an entity of a privacy or data security concern can be time-consuming and frustrating if the entity does not provide a clear means to notify them or doesn’t respond to your e-mails or calls. If you are thinking of trying to notify Maricopa County, Arizona…
Anyone know what healthcare facilities these are? 655,000 patient records up for sale on dark net (UPDATED)
Seen up for sale on a forum (I’m redacting the ads and samples): Healthcare Database (48,000 Patients) from Farmington, Missouri, United States This product is a considerably large database in plaintext from a healthcare organization in Farmington, Missouri, United States. It was retrieved from a Microsoft Access database within their internal network using readily available plaintext…
NASCAR team’s data locked up by ransomware; Circle Sport-Leavine Family Racing paid the ransom
Nick Bromberg reports that Circle Sport Leavine Family Racing fell victim to a ransomware attack this Spring after their files got locked up on Dropbox. “First you don’t want to believe it, but every file I tried to open had the same thing,” Dave Winston, the team’s crew chief told Fox Sports. “You know in this sport,…
Mercy Medical Center Redding notifies patients after discovering NaviHealth case manager was working under a stolen identity
Typically, when an entity posts a link to a security breach notification on their web site, it’s a normal or small font. If you’re lucky, it’s positioned so that you stand a chance of spotting it immediately. But Mercy Medical Center Redding wanted to make sure they caught their patients’ attention with this graphic on…
Hackers Just Leaked Personal Data of US Military Officials and it’s Legit
Waqas writes: Ghost Squad Hackers (GSH) made their entry a few months ago by conducting Distributed Denial of Service (DDoS) attacks on Ku Klux Klan (KKK) and Black Lives Matter websites. The group then took part in Anonymous‘ linked operation OpIcarus against banking and financial institutions but the latest attack shows the hackers have graduated to a whole new level. Yes, Ghost Squad…