If the claims of someone in an AlphV (BlackCat) subgroup known for social engineering skills are true — and vx-underground believes their source is credible, then …. words fail: All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk. A company valued at $33,900,000,000…
Category: Hack
Texas Medical Liability Trust updates its data breach notification; now provides notification on behalf of almost 60,000 individuals
In March, Texas Medical Liability Trust on behalf of itself and its affiliates, Texas Medical Insurance Company, Physicians Insurance Company, and Lone Star Alliance, Inc., a Risk Retention Group (collectively “TMLT”) filed a breach notification with the Maine Attorney General’s Office. That submission indicated that 625 individuals had been affected by a breach that occurred…
Save the Children confirms systems breach
Claudia Glover reports: Save the Children appears to have been hacked by the Chinese data extortion gang BianLian, according to data posted to the latter’s victim blog. Though it does not mention the charity by name, the cybercrime organisation claims to have stolen up to 8GB of files from an international NGO “employing over 25,000…
St. Paul Public Schools notifies families of data breach from February
KSTP reports: St. Paul Public Schools notified families and staff last week of a “data security incident” last winter that may have exposed students’ names and email addresses. In a letter sent out on Friday, the district said it became aware of the issue in February and flagged the FBI, Minnesota IT Services and the…
Bloom Health Centers discloses data breach involving mental health data of 1,545 patients
Updated September 13: This incident was reported to HHS as affecting 1,654 patients. On September 11, Psych Associates of Maryland LLC d/b/a Bloom Health Centers (“Bloom Health”), a mental health service provider, announced a data security incident that involved the personal and protected health information of some clinicians and patients. Before digging into the details,…
Massive ransomware attack on Sri Lanka’s state email domain
Sri Lanka Mirror reports: All Government offices using the “gov.lk” email domain, including the Cabinet Office, have lost data from May 17 to August 26, 2023, after a massive ransomware attack, the Information and Communication Technology Agency (ICTA) has confirmed. The virus could have affected around 5,000 email addresses, ICTA CEO Mahesh Perera said, admitting…