Catalin Cimpanu reports: A Russian state-sponsored cyber-espionage group has come back to life after a one-year period of inactivity with a relative large spear-phishing campaign that has targeted both the US government and private sector. The hacking group is known in infosec circles as Cozy Bear, APT29, The Dukes, or PowerDuke, and is infamous because…
Category: Phishing
NL: Internet con men ripped off Pathe NL for €19m in business email compromise
Heads rolled in this one, when executives did not spot or prevent business email compromise. As reported by DutchNews.nl: The Dutch operation of the Pathé cinema group was ripped off by internet con men to the tune of over €19m, court documents published on Friday show. The con cost both the chief executive and financial…
FL: Health First, Inc. notified 42,000 patients after phishing incident
On October 5, Health First, Inc., a Florida-based healthcare provider, notified HHS of a breach that affected 42,000 patients. The incident was coded on HHS’s breach tool as hacking/IT incident involving e-mail. It has taken a while to obtain more details, but DataBreaches.net has now received a statement from Matthew Gerrell, Senior Vice President, Consumer…
Children served by Florida DOH child protective services may have had psychological and medical info accessed in hack
From the Pensacola News Journal: The Florida Department of Health has reported a data breach that may have comprised the personal information of some patients in Escambia, Santa Rosa, Okaloosa and Walton counties. The department completed an investigation and found that an unauthorized user compromised the Microsoft Outlook 365 account of an employee of the Children’s Medical…
Hackers using police, fire chiefs’ emails to try and steal information
Because why not, right?
Southwest Washington Regional Surgery Center notifies 2,393 patients after phishing attack exposed their PHI
The Southwest Washington Regional Surgery Center in Vancouver, Washington, recently notified the Oregon Attorney General’s Office of a breach that they discovered on September 25, 2018. Here is the text of their notification, as posted on their web site: Southwest Washington Regional Surgery Center, LLC (“SWRSC”) is committed to maintaining the privacy and security of…