An employment investigation is underway at the Ministry of Social Development after a review into a blunder involving client information in a controversial information-sharing programme slated the ministry for its management of that programme. The review was into an April incident where one organisation accessed an organisation’s folder on a new IT system for social…
Category: Commentaries and Analyses
Report: Hackers ‘aligned’ with Vietnam government attacked international firms and media
Jon Russell reports: A hacker group “aligned with Vietnamese government interests” carried out attacks on corporate companies, journalists and overseas governments over the past three years, according to a report from cyber security firm FireEye. FireEye, which works with large companies to secure their assets from cyber threats, said it has tracked at least 10 separate attacks…
UPDATE: iHealth Innovations responds to Bronx-Lebanon Hospital data security concern
Yesterday, DataBreaches.net reported on a misconfigured rsync backup that had been detected by Kromtech Security. The security firm had contacted DataBreaches.net for notification assistance on May 3 after unsuccessfully trying to notify iHealth Innovations that patient data from Bronx-Lebanon Hospital Center could be accessed and downloaded without any login required. One week later, we still do…
BEC attacks have hit thousands, top $5 billion in losses globally
It’s nice to see this site’s findings agree with government assessments of a problem. It’s also nice to see our efforts put to good use. Steve Ragan has a new piece on Salted Hash with an update on BEC attacks, including those targeting W-2 information. DataBreaches.net has already compiled more than 200 instances of W-2 BEC…
IC3 Warns of Increase in BEC/EAC Schemes
The Internet Crime Complaint Center (IC3) has issued an alert describing a growing number of scams targeting businesses working with foreign suppliers or businesses that regularly perform wire transfer payments. These sophisticated scams are classified as business email compromise (BEC) or email account compromise (EAC) and use social engineering techniques to defraud businesses. Users and…
TheDarkOverlord dumps 180,000 patients’ records from 3 hacks
While thousands of their followers on Twitter seem to be eagerly waiting for TheDarkOverlord (TDO) to dump more tv films or episodes of popular series, TDO went non-fiction this morning, dumping patient/medical records from some of their hacks in the healthcare sector last year. All told, almost 180,000 patients had their personal information shared with the world. Two of…