Some food for thought from a report by SpyCloud: MASSIVE SCALE OF IDENTITY EXPOSURES CREATES NEW RISKS The scale of identity exposure due to infostealers is massive: 61% of breaches last year were malware-related and responsible for 343.78 million stolen credentials. Our recaptured data also shows that as many as 1 in 5 people are…
Category: Commentaries and Analyses
Failure to Safeguard, Two Cyber Intrusions, and an $850,000 SEC Settlement
Melissa Pascualini of JacksonLewis writes: … In a recent settlement agreement with the SEC, a New York-based registered transfer agent, Equiniti Trust Company LLC, formerly known as American Stock Transfer & Trust Company LLC, agreed to pay $850K to settle charges that it failed to assure client securities and funds were protected against theft or…
Everything old is new again, part 2: Was U.S. Dermatology Partners hit twice within months?
Earlier today, DataBreaches reported that MCNA Dental allegedly suffered a cyberattack involving patient data. According to the threat actor who claimed responsibility for the attack (Everest Ransom Team), this incident was totally unrelated to a February 2023 ransomware attack by LockBit that was supposedly leaked in April 2023. In May 2023, MCNA Dental reported that…
NJ: The Physical Medicine & Rehabilitation Center discloses July attack by Meow Leaks
On September 6, The Physical Medicine & Rehabilitation Center posted a substitute notice on its website about an incident in July that affected patients at their New Jersey and New York locations. The attack by Meow Leaks reportedly resulted in the threat actors accessing some protected health information (PHI) of an undisclosed number of patients….
Thousands of Vastaamo leak victims seek higher compensation
YLE reports: Two lawyers representing some victims of the massive Vastaamo psychotherapy centre data breach say their clients are dissatisfied with the compensation amounts announced by the State Treasury. In late August, Treasury service director Tuomo Yliluoma estimated to Yle that Vastaamo’s victims will receive an average of 500–1,500 euros in damages for attempted or aggravated extortion….
Feeld dating app’s security too open-minded as private data swings into public view
Connor Jones reports: Security researchers have revealed a litany of failures in the Feeld dating app that could be abused to access all manner of private user data, including the most sensitive images not intended to be kept or shared. Feeld caters to “open-minded individuals” – those specifically interested in exploring alternative relationship models such…