When Website Planet emailed me about an unencrypted and non-password-protected database containing 1,115,061 records with 2.49 GB of sensitive information from an adoption agency, the name Gladney Adoption Center rang a bell. I had seen that name before in the context of a data security incident. Reading the findings by Jeremiah Fowler, I was struck…
Category: Commentaries and Analyses
RansomedVC is back — and is still attacking its competitors
On July 9, RansomedVC reappeared, temporarily referring to itself as “RebornVC,” but quickly reverting to its better-known identity. Its first two victims were listed as SnapAV/Resideo (Snap One) in the U.S. and Unyleya in Brazil. No proof of claims was offered for either listing, and no deadlines were posted, but Snap One had a price…
70% of healthcare cyberattacks result in delayed patient care, report finds
Chad Van Alstin reports: Last year, 92% of all healthcare organizations—systems, hospitals, and provider groups—were targeted by a cyberattack, according to a new report from vendor Fortified Health Security. Further, 70% of those that reported experiencing an incident said patient care was impacted in some form, signaling that even an unsuccessful data breach can result in…
Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
Matthew Gault reports: Many trains in the U.S. are vulnerable to a hack that can remotely lock a train’s brakes, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the researcher who discovered the vulnerability. The railroad industry has known about the vulnerability for more than a decade but only recently began to fix it….
Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
Gavin Reinke, Ashley Miller and Amanda Wellen of Alston & Bird write: On June 27, 2025, the District Court for the Middle District of Florida, on remand from the Eleventh Circuit, reversed course when it denied class certification to a group of plaintiffs who were purportedly impacted by a spring 2018 cyberattack on Brinker International,…
Qilin Emerged as The Most Active Group, Exploiting Unpatched Fortinet Vulnerabilities
Tushar Subhra Dutta reports: The ransomware landscape witnessed a dramatic shift in June 2025 as the Qilin ransomware group surged to become the most active threat actor, recording 81 victims and representing a staggering 47.3% increase in activity compared to previous months. This Ransomware-as-a-Service operation, which has accumulated over 310 victims since its emergence, has…