HHS has announced another Security Rule enforcement action. This one involves iHealth Solutions (dba Advantum Health), a business associate. The incident involved an unsecured server where protected health information of patients was exfiltrated. The iHealth incident had been discovered by Kromtech Security and was first reported by DataBreaches on May 9, 2017. On May 10,…
Category: Commentaries and Analyses
Sweetwater Union High School District now admits February outage was a hack, but still hasn’t answered questions
There’s an update to a report in February about an outage that wasn’t described at the time as a hack or ransomware attack. Laura Acevedo reports: The Sweetwater Union High School District has confirmed a hack was the cause of a days-long system outage at their facilities, saying the personal information of employees, students, and families…
UK: Prosecution of tracing agent for illegally obtaining personal information
An enforcement action and prosecution was announced by the U.K. Information Commissioner’s Office this week: A former tracing agent pleaded guilty and was fined for illegally obtaining personal information to check if customers of a high street bank could repay their debts. Michael Isaacs, 80, from Epsom, Surrey was the sole director of Datasearch Services…
Law enforcement seizes domains owned by “Pompompurin” and one currently owned by DataBreaches
When the owner of Breached.vc was arrested in March, people expected to see Conor Fitzpatrick’s BreachForums site seized by authorities. Somewhat surprisingly, it wasn’t, and Baphomet, the forum’s administrator, was able to post messages on the site explaining what was going on and that he was taking the site down for fear it had been…
Confused about the drama with the new BreachForums? Reading this will either help you or make your head spin.
[Please see corrections at end of post.] Over the past week, DataBreaches has been contacted by a few journalists who have been somewhat understandably confused about the situation with the original BreachForums and a new forum calling itself BreachForums. And from reading news reports this week, I see that some journalists are making errors, so…
Ransomware Gang Haunted US Firms Long Before MOVEit Hack
Jamie Tarabay reports: Shell Plc, IAG SA’s British Airways, the British Broadcasting Corp., the state of Minnesota’s Department of Education, multiple federal agencies — they’re among the victims of the latest data breach launched by Clop, a Russian-speaking hacking group that’s attacking targets around the world in both the public and private sectors. The Clop gang, also known as…