In a somewhat unusual approach to marketing, a new hacking-related forum intentionally leaked a database with the usernames and email addresses of many of the very people it hopes will register for its new forum — and then advertised the leak. How’s that working out for them so far? When RAIDForums was seized by law…
Category: Commentaries and Analyses
South Jersey Behavioral Health Resources discloses ransomware attack
South Jersey Behavioral Health Resources has disclosed that they were hit with a ransomware attack on April 3. They do not indicate what group attacked them, or what any ransom demand may have been, and DataBreaches has not seen this incident on any leak site to date. According to their notification, “The investigation remains ongoing,…
Mission Community Hospital attackers exploited vulnerabilites in Paragon and Cisco
As Mission Community Hospital in California continues to investigate a cyberattack in April, more details have emerged as to how the attack by RansomHouse threat actors occurred. As previously reported, the RansomHouse listing for Mission Community Hospital claimed to have 2.5 TB of data and provided some proof of claims. RansomHouse also included a note…
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Hong Kong privacy watchdog warns data management firm over possible exposure of credit histories of 180,000 people
Sammy Heung reports: Hong Kong’s privacy watchdog has threatened to take legal action against a data management firm for failing to protect the credit histories of about 180,000 people from unauthorised access. The Office of the Privacy Commissioner for Personal Data on Thursday said it received a complaint in December 2021 from an individual who…
Infostealers: a threat that is still largely (too) stealthy
In September, Britton White and PogoWasRight.org teamed up to produce an explainer and caution about infostealers that was oriented to the public. Our article, Redline: Storing Passwords in your Browser Can Ruin Your Life (But Will Make Criminals VERY Happy!) included cautions about employees who work from home and who might have their login credentials…