Q: What’s worse than a really bad data breach involving patient and employee data? A: A really bad data breach where the data gets leaked on the internet for everyone to grab for free. In June 2021, DataBreaches.net reached out to Sea Mar Community Health Centers in Washington to alert them to what appeared to…
Category: Commentaries and Analyses
Unhappy New Year for cybercriminals as VPNLab.net goes offline
Do threat actors feel like walls are closing in on them? They might well be feeling that way — or maybe they should be feeling that way. From Europol, today: This week, law enforcement authorities took action against the criminal misuse of VPN services as they targeted the users and infrastructure of VPNLab.net. The VPN…
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
Ravie Lakshmanan reports: An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. “The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations…
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
Background information Date of final decision: 9 December 2021 National case Controller: Warsaw University of Technology Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), Security of processing (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, security, data protection Summary of…
Guilford Technical Community College notifies 65,646 affected by ransomware incident in 2020
On September 19, 2020, DataBreaches.net reported that Guilford Technical Community College (GTCC) in North Carolina had reportedly become a ransomware victim of DoppelPaymer on September 13. The following month, this site followed up by asking whether GTCC had notified the more than 43,000 students whose data had appeared on the dark web. A spokesperson for…
Accellion reaches $8.1 mln settlement to resolve data breach litigation
Sara Merken reports: Accellion Inc has reached an $8.1 million deal with a proposed nationwide class to end litigation over a breach of its legacy file transfer product, a platform that allowed companies to securely share large or sensitive files, according to settlement papers filed in California federal court. The Palo Alto-based tech company faced…