What happens when threat actors leak data on the dark web but the victim entity doesn’t access it in time to figure out what was leaked? That’s what happened to PruittHealth in Georgia last year. How many people are they notifying because they can’t figure out what was accessed, acquired, or leaked? In November 2023,…
Category: Hack
Numotion data breach affected 602,265 patients
In March 2023, United Seating and Mobility, LLC, d/b/a Numotion (“Numotion”) paid the government $7 million to resolve allegations that it made false claims in submitting reimbursement requests to Kentucky Medicaid, two of Kentucky Medicaid’s Managed Care Organization contractors (MCOs), MO HealthNet (Missouri Medicaid), and D.C. Medicaid (archived). Numotion is a nationwide provider of durable…
Data breach involving two former Kalamazoo employees under criminal investigation
Here’s your occasional reminder about insider-wrongdoing breaches. Katie Sergent reports: City officials notified all staff of a data breach impacting about 250 current and former city employees, according to Kalamazoo Communications Manager Michael Smith in a statement to News Channel 3 Wednesday. The breach involved two former city employees, and was discovered on March 28…
Germany’s Christian Democratic party hit by ‘serious’ cyberattack
Euractiv and Reuters report: Germany’s Christian Democratic Union (CDU), the country’s leading opposition party, has been hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure, authorities said on Saturday (1 June). “There was a serious cyber attack on the CDU network,” Germany’s Interior Ministry said…
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and…
Snowflake data breach claims spark war of words over culpability; researchers may have been trolled
Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snowflake CISO Brad Jones pushed back on claims that major data breaches involving Ticketmaster and Santander were caused by a vulnerability or misconfiguration in Snowflake’s platform. […] Cyber crime intelligence…