When the owner of BreachForums was arrested this week, it was not a total surprise, but there were aspects to it that were curious. DataBreaches wonders whether this was a rushed operation in response to some possibly urgent concern. Bloomberg Law broke the news Friday that Conor Brian Fitzpatrick, aka “Pompompurin,” was arrested Wednesday, and…
Category: Commentaries and Analyses
El Camino Health investigating claims of a data breach
El Camino Health is investigating a possible data breach involving patient data, but whose breach is it? On February 22, DataBreaches received a tip about a listing offering patient data allegedly from El Camino Health in California. The listing was not on any of the usual leak sites, markets, or forums, and the poster was…
Orlando Family Physicians data breach class action settlement
TopClassActions reports that a class action lawsuit against Orlando Family Physicians (OFP) has settled for an undisclosed sum. The settlement, which doesn’t include any admission of guilt by OFP, resolves claims surrounding an April 2021 data breach. The breach reportedly occurred when four OFP employees fell prey to a phishing attack. Although the attack was…
Google Reveals Samsung Phones Could Be Hacked Without Owners Knowing: Here’s How
Dane Enerio reports: Google has warned that some of its smartphones running the company’s own Android operating system, as well as other devices from manufacturers such as Samsung and Vivo, could be accessed by third-party actors without owners ever becoming aware of such a breach. A total of 18 zero-day vulnerabilities, or exploits previously only…
CISA Advisory: #StopRansomware: LockBit 3.0
Release Date: March 16, 2023 Alert Code: AA23-075A SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to…
BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion
Elizabeth Montalbano reports: The BianLian ransomware group is ramping up its operations and maturing as a business, moving more swiftly than ever to compromise systems. It’s also moving away from encryption to pure data-theft extortion tactics, in cyberattacks that have so far bagged at least 116 victims, researchers have found. BianLian, first discovered last July, hasn’t deviated much…