Catalin Cimpanu reports: A new ransomware strain named Qlocker is on a rampage and infecting hundreds of QNAP network-attached storage (NAS) devices every day, taking over hard drives, moving users’ files inside password-protected 7zip archives, and asking for a $550 ransom payment. The first cases were reported on Tuesday, April 20, and the number of…
Category: Commentaries and Analyses
Will Beacon Health Solutions’ incident prompt OCR to start enforcing notification “without undue delay?”
The following is a DataBreaches.net commentary. Beacon Health Solutions issued a press release yesterday about a breach they experienced last year as a business associate. Their press release provides a useful example of why OCR needs to get serious about enforcing the requirement that entities notify patients within 60 days of “discovery.” “Discovery” does not…
Pulse Secure Critical Zero-Day Security Bug Under Active Exploit
Tara Seals reports: CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as…
Palestinian Hackers Tricked Victims Into Installing iOS Spyware
Lily Hay Newman reports: Hacking activity in the Gaza Strip and West Bank has ramped up in recent years as rival Palestinian political parties spar with each other, the Israeli-Palestinian conflict continues, and Palestinian hackers increasingly establish themselves on the global stage. Now, Facebook has uncovered two digital espionage campaigns out of Palestine, active in 2019 and 2020, that…
Ca: Court approves data breach settlements with BMO, CIBC
James Langton reports: An Ontario court has approved proposed class action settlements with Bank of Montreal (BMO) and CIBC over cybersecurity breaches involving thousands of clients. The Superior Court of Justice endorsed settlements and distribution plans designed to resolve lawsuits against the banks stemming from a data theft that affected more than 10,000 clients of…
Kansas Department of Labor looking into possible data breach
Caroline Elliott reports: A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone’s personal information. Eyewitness News reporter Caroline Elliott has been looking into the issue for months and Tuesday, April 20, Eyewitness…