Kevin Collier reports: The U.S. government said Wednesday that North Korea is behind a recent strain of ransomware cyberattacks on hospitals and other health care facilities. The warning is the starkest alert to date that North Korea, which the U.S. has long alleged uses its hackers to raise money for state programs like its nuclear weapons…
Category: Commentaries and Analyses
Hungarian authority fines data controller EUR 7,500 data breach and rules free online services not suitable for high-risk processing
Dóra Petrányi, Katalin Horváth, Márton Domokos, and Daniella Huszár of CMS Cameron McKenna Nabarro Olswang LLP write: In the latest decision of the National Authority for Data Protection and Freedom of Information (NAIH), a data controller for a political party, responsible for a data breach where six Excel files were made publicly available through a…
EXCLUSIVE: Marriott hacked again? Yes. Here’s what we know.
On June 28, DataBreaches received a message from an unrecognized sender. The subject was: “Breach of Marriott hotels! Very Important!” DataBreaches’ first thought was, “Seriously? Is this yet another breach involving Marriott or are some kids just trying to leak old data?” As it turned out, this was, in fact, a new breach. But how…
CISA Alert (AA22-181A): MedusaLocker
CISA Alert: (AA22-181A) #StopRansomware: MedusaLocker Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders…
Alameda Health System’s second breach went undetected by investigators of first breach?
On June 24, Alameda Health System in California submitted a notification to the California Attorney General’s Office. The notification concerned a breach of an employee’s email account breach that began on April 30, 2020. The breach wasn’t discovered until February 23, 2022, and the account was locked down after that in March. According to Alameda’s…
Updating: Breach reports from Eye Care Leaders’ clients continue to add up
As June drew to a close, DataBreaches’ little notepad tabulations indicate that we already have reports from 32 entities impacted by the Eye Care Leaders breach last December. Readers may recall that ECL’s myCare Integrity platform was reportedly accessed by an unauthorized individual who deleted some of the databases before being detected. As far as…