Balaji N reports: Notorious ransomware group Brain Cipher has claimed to have breached Deloitte UK, allegedly exfiltrating over 1 terabyte of sensitive data from the professional services giant. Brain Cipher is a ransomware group that emerged in June 2024, quickly gaining notoriety for its cyberattacks on organizations worldwide. Notably, it was responsible for a significant attack on…
Category: Business Sector
Express Services disclosed a data breach. One month later, they learned they had a second data security problem.
Express Employment Professionals (“Express Pros“) describes itself as a leading staffing agency in the U.S., “specializing in matching job seekers with the best jobs for their skills and experience.” Express Pros is the flagship brand for Express Services and conducts business across the U.S., Canada, South Africa, Australia, and New Zealand. Express Pros operates as…
U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack
Kevin Collier reports: Amid an unprecedented cyberattack on telecommunications companies such as AT&T and Verizon, U.S. officials have recommended that Americans use encrypted messaging apps to ensure their communications stay hidden from foreign hackers. The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has…
Failure to terminate access can be costly. Very costly.
Earlier today, DataBreaches posted an HHS OCR announcement of a settlement with a HIPAA covered entity. A former contractor had accessed its electronic medical record system on three occasions without authorization to retrieve PHI for use in potential fraudulent Medicare claims. OCR imposed a monetary penalty of $1.19 million for the entity’s failure to: conduct…
Major energy contractor reports ‘limited’ access to IT after ransomware locks files
Jessica Lyons reports: American energy contractor ENGlobal disclosed that access to its IT systems remains limited following a ransomware infection in late November. In a Monday filing with the US Securities and Exchange Commission (SEC), the company said it became aware of a cybersecurity incident on November 25 after criminals broke into its networks and locked…
Over 600,000 Records, Including Background Checks, Vehicle, and Property Records Exposed Online: SL Data Services/Propertyrec
Jeremiah Fowler reports finding another exposed database with a lot of personal information. This one may belong to SL Data Services, LLC, though Fowler notes that the folders inside it were named with separate website domains. “It appears that the company operates a network of an estimated 16 different websites, offering a range of information…