On July 11, the law firm of Warner Norcross & Judd reported a data breach to the California Attorney General’s Office and other states. This past week, they issued a press release concerning the same incident and also issued a second press release on behalf of Priority Health, a health insurer in Michigan. From the…
Category: Hack
CISCO got hit… and immediately took control of the story
It is the kind of story destined for big headlines. The Yanluowang group announced today that they had attacked CISCO. But instead of them controlling the story, CISCO seems to have immediately taken control. The threat actors, who appear not to be a fan of Grammarly, posted a directory of Drive C: on their leak…
Morocco court in favor of extraditing a French national alleged to be ShinyHunters member to US
French news wires report that Morocco’s Court of Cassation has issued an opinion favorable to extraditing French national Sebastien Raoult to the U.S. to face criminal charges related to alleged involvement in ShinyHunters. But the court’s opinion is not an extradition order and they do not have the final say on extradition. Raoult has been…
BHG Behavioral Health Group recently notified patients of a December 2021 breach
If you know to scroll down on BHG Behavioral Health Group‘s website to their footer, you will see a small link to an undated data security incident notice. That undated notice does not reveal when Behavioral Health Group first discovered the data security incident or how they first discovered it. The notice does state, however,…
Roundup: Four more breaches in the healthcare sector: Healthback Holdings, Zenith American Solutions, Bronx Accountable Healthcare Network, and Centerstone
On June 1, Healthback Holdings, LLC in Oklahoma discovered that they had been subject to a hacking incident that began in October 2021. “A limited number” of employee accounts were compromised. On July 29, Healthback notified HHS that 21,114 patients were affected. Their notice says that names, health insurance information, Social Security numbers, and clinical…
Twitter confirms January breach, urges pseudonymous accounts to not add email or phone number
Jonathan Greig reports: Twitter officially confirmed that a January breach led to the leak of information connected to 5.4 million accounts. Two weeks ago, a hacker on Breach Forums offered email addresses and phone numbers connected to the accounts, which they said ranged from “celebrities, companies, randoms, OGs, etc.” […] For those who have pseudonymous Twitter accounts,…