Josh Renaud reports: The Social Security numbers of school teachers, administrators and counselors across Missouri were vulnerable to public exposure due to flaws on a website maintained by the state’s Department of Elementary and Secondary Education. The Post-Dispatch discovered the vulnerability in a web application that allowed the public to search teacher certifications and credentials…
Category: Commentaries and Analyses
Under the media radar…
Here are just a few more breach reports that reveal medical or health information. The following may not be HIPAA-covered entities or may not show up on HHS’s public breach tool even if they are covered (because of the number impacted): Lion Street Financial in Texas recently notified the New Hampshire Attorney General’s Office about…
Ransomware Group FIN12 Aggressively Going After Healthcare Targets
Ravie Lakshmanan reports: An “aggressive” financially motivated threat actor has been identified as linked to a string of RYUK ransomware attacks since October 2018, while maintaining close partnerships with TrickBot-affiliated threat actors and using a publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks. Cybersecurity firm Mandiant attributed…
Netherlands can use intelligence or armed forces to respond to ransomware attacks
Catalin Cimpanu reports: The Dutch government said it would use its intelligence or military services to counter cyber-attacks, including ransomware attacks, that threaten its national security. Answering a parliamentary inquiry into the country’s possible avenues of response to ransomware attacks, Ben Knapen, Dutch Minister of Foreign Affairs, said under normal circumstances, diplomatic avenues take precedence,…
IL: OSF Healthcare discloses ransomware incident
In May, 2021, DataBreaches.net sent an email inquiry to OSF Healthcare in Illinois after seeing that threat actors known as Xing Team claimed to have attacked them and exfiltrated data. OSF Healthcare never responded to the inquiry. In June, after Xing Team started dumping what appeared to be patient data, DataBreaches.net sent OSF Healthcare a…
Identity Theft Resource Center to Share Latest Data Breach Analysis With U.S. Senate Commerce Committee; Number of Data Breaches in 2021 Surpasses all of 2020
SAN DIEGO, Oct. 6, 2021 /PRNewswire-PRWeb/ — Today, the Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support victims of identity crime, released its U.S. data breach findings for the third quarter (Q3) of 2021. According to the data breach analysis, the number of data breaches publicly-reported in the U.S. decreased…