Anthony Spadafora reports: Cybercriminals have launched a new phishing campaign targeting Ledger wallet users that uses fake data breach notifications to steal their cryptocurrency. […] Back in July of this year, Ledger suffered a data breach when a vulnerability in the company’s website allowed cybercriminals to access customers’ contact details. At that time, the company emailed the…
Category: Phishing
AU: How paper created a vulnerability for cyber criminals to steal 186,000 people’s data
Lucy Cormack reports: When the personal data of 186,000 people was breached in a phishing attack on Service NSW in March, the weakness cyber criminals were able to exploit was actually paper. Passports, banking and Medicare details were potentially exposed in photocopied and scanned paper documents stored inside the email accounts of 47 Service NSW…
Proposed settlement announced in Kalispell Regional Healthcare breach lawsuit
In October, 2019, Kalispell Regional Health suffered a phishing incident that impacted more than 100,000 patients. They were sued shortly thereafter. Today, a proposed settlement of the class action lawsuit was announced. The settlement has yet to be approved and the class hasn’t been certified yet for purposes of the suit. That is all scheduled…
NC: Alamance Skin Center breach left patient data totally unrecoverable
Alamance Skin Center recently reported a HIPAA breach to HHS as being a “Loss” incident with data in EMR. But previous media coverage provided an even more dire understanding of the incident. On November 4, Triad Business Journal reported that the medical practice, part of Cone Health, had been the victim of a ransomware attack. The…
“Email Appender” Implants Malicious Emails Directly Into Mailboxes
As if we didn’t have enough breaches that start by compromising an employee’s email account, now there’s more to worry about. Imagine that despite training your employees to be careful, and despite using updated AV or other software to detect nasties, a threat actor could deliver malware-laden emails directly into your employees’ inboxes. Will employees…
UK: ‘Thousands’ of people could have had personal details in cyber attack on Sandicliffe car dealership
For what… about 14 years now… I have pointed out how many non-medical entities hold sensitive medical information on consumers that may get caught up in breaches. Today’s example is out of the U.K., where Phoebe Ram reports: The bank account details and medical histories of ‘possibly thousands’ of people were stolen during a cyber…