An unsecured backup blob exposed pre-employment background checks on approximately 200,000 people. Applicant files contained various amounts of personal and occupational information, including SSN, name, address, driver’s license, date of birth, education and employment history, and in some cases, criminal background checks. Files went back 15 years. The blob was unsecured for at least six…
Category: Commentaries and Analyses
Update: Gramercy Surgery Center attackers leaked patient data going back 20 years (1)
On June 18, Gramercy Surgery Center in New York discovered it might have been the victim of a cyberattack attack. It had been, and DataBreaches recently reported that the threat actor(s) known as Everest Team leaked more than 460 GB of files they claimed to have exfiltrated. Neither Gramercy Surgery Center (GSM) nor Everest responded…
Leader of International Malvertising and Ransomware Schemes Extradited from Poland to Face Cybercrime Charges
Justice Department Unseals Charges Against Two Additional International Cybercriminals WASHINGTON – A Belarussian and Ukrainian dual-national charged in both the District of New Jersey and Eastern District of Virginia with leading international computer hacking and wire fraud schemes made his initial appearance in Newark, New Jersey, today after being extradited from Poland. As alleged in…
Betances Health Center hit by ransomware attack; sensitive patient data leaked
On July 12, threat actors known as Hunters International added Betances Health Center in New York to their leak site. On July 25, they leaked what they claim is almost 125 GB of information consisting of 361,564 files. Betances Health Center describes itself as offering a full range of primary care and preventive services, as…
Number of appointments at NHS trusts impacted by cyber attack passes 10,000
The Jersey Evening Post reported: More than 10,000 appointments have been cancelled at the two London NHS trusts that were worst affected by a cyber attack earlier this summer, new figures have revealed. Pathology services provider Synnovis was the victim of a ransomware attack by Russian cyber gang Qilin on June 3. An update from…
Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms
Zack Whittaker reports: A security researcher says six companies were saved from having to pay potentially hefty ransom demands, in part thanks to rookie security flaws found in the web infrastructure used by the ransomware gangs themselves. Two companies received the decryption keys to unscramble their data without having to pay the cybercriminals a ransom,…