Aimee Chanthadavong reports: The agency responsible for oversight of My Health Record has revealed there were two incidents that compromised the medical records system during the 2019-20 financial year. In its annual report, the Australian Digital Health Agency (ADHA) outlined how one matter reported to the Office of the Australian Information Commissioner (OAIC) involved a breach to…
Category: Commentaries and Analyses
As international travel services re-open, fraudsters resume
When COVID-19 travel restrictions eased as countries tried to re-open borders to travelers, researchers at Gemini Advisory observed that the sale of travel services — both legal and illegal — started to increase, opening up more opportunities for cybercriminals to monetize stolen payment card data. For those not really knowledgeable about travel services fraud, Gemini…
Data breaches upping ATO fraud ‘red flags’
Asha Barbaschow reports: The Australian Taxation Office (ATO) has a “red flag” feature, which serves up a “ping” whenever an individual or business has been suspected of having fraudulent activity conducted against their name or if their account has been compromised. Facing Senate Estimates on Tuesday, ATO client engagement second commissioner Jeremy Hirschhorn explained that…
Update: Has Guilford Technical Community College notified more than 43,000 students of data breach?
On September 19, DataBreaches.net reported that Guilford Technical Community College (GTCC) in North Carolina had apparently become a ransomware victim of DoppelPaymer on September 13. But on October 6, GTCC was no longer listed on the threat actors’ dedicated leak site. The removal of a victim’s name often indicates that the victim had a change…
Donald Trump’s Twitter password is “maga2020!”, and there’s no 2FA, claims hacker
Updated: The claims made by Victor Gevers, reported below, have been disputed by Twitter, Trump’s team, and an article by Joe Cox on Vice. —————————– Graham Clulely reports that President Trump, whose password back used to be “yourefired” used “Maga2020!” as his Twitter password, with no 2FA. Read more on Graham’s site while some of…
“We take your privacy seriously….” Thursday edition.
I’ve been reading some other sites’ coverage of the Pfizer leak that was discovered by vpnMentor and shared exclusively with DataBreaches.net. The incident involved a misconfigured cloud storage bucket that exposed hundreds of consumer/patient reports to Pfizer on a reporting line for drug safety concerns or other concerns. As such, it contained a lot of…