Earlier this week, DataBreaches reported that two plastic surgery practices in California had both suffered cyberattacks. When the doctors did not pay ransom demands, attackers leaked nude patient pictures and patient info. One attack was by AlphV (BlackCat) on Beverly Hills Plastic Surgery. The other attack was by an unnamed group or individual on Gary…
Category: Commentaries and Analyses
Eleventh Circuit Requests Refined Class Definition For Data Breach Class Action
Gerald L. Maatman, Jr., Alex W. Karasik, and George J. Schaller of Duane Morris write: In Steinmetz et al. v. Brinker International, Inc., No. 21-13146, 2023 U.S. App. LEXIS 17539 (11th Cir. July 11, 2023), the Eleventh Circuit vacated the district court’s order certifying a nationwide class and California-only class in a data breach case. In so…
Kr: PIPC Sanctions LG U+ Telecom, Imposes Administrative Penalty of $5.3 Million for Breach Along with Corrective Orders
Press Release July 12, 2023 (This is an unofficial translation of a press release, originally prepared in Korean.) On July 12, the Personal Information Protection Commission (PIPC) held a plenary meeting and reached a decision to impose an administrative penalty of KRW 6.8 billion (USD 5.3 million) and an administrative fine of KRW 27 million…
Payroll Services Provider UKG Agrees to $6 Million Settlement in Data-Breach Lawsuit
James Rundle reports: Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation that emerged from the incident. A ransomware strike in December 2021 forced parts of UKG’s Kronos Private Cloud product offline, disrupting software that tracked employee hours during the Christmas holiday period….
Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography
Update and note: After this post appeared and was posted on Mastodon, some people complained about the original headline, characterizing it as “clickbait.” That was not my intention. I was just trying to accurately describe what I saw as the most noteworthy part of the situation without mentioning either CSAM or CP in the headline…
Millions of personal records unprotected in flawed telemedicine application software
Rosie Talaga reports: QuickBlox, a software development framework used in telemedicine and finance, was found to have several critical security flaws, according to a joint study from computer and network security research firms Check Point Research and Claroty Team82 published July 12. QuickBlox’s video and chat features are commonly used in mainstream telemedicine applications and platforms. The…