Unauthorized access to a New Jersey Health Information Management (HIM) vendor’s portal has resulted in some patients’ protected health information being acquired and exfiltrated. Earlier today, DataBreaches was contacted by someone known to this site as “DarkFox.” DataBreaches has reported on DarkFox in the past without identifying them, but is identifying them this time by…
Category: Hack
Hackers claim to hit Israeli tourism sites
Tzvi Joffre reports: A hacker group called Sharp Boys claimed that it had obtained data from Israeli tourism sites on Tuesday, including ID numbers, addresses, credit card information and more. Which sites were affected? The affected sites, according to the hackers, are hotels.co.il, isrotel.com, minihotel.co.il, tivago.co.il and danhotels.com. Read more at Jerusalem Post.
Cyberattacks: Karakurt makes a comeback with a bang
The following is a machine translation of an article by Valéry Rieß-Marchive: “A lot of May leaks are coming”. This is the message displayed in large print on the front page of Karakurt’s new showcase site. And he is not alone. It is accompanied by the announcement of future disclosures of data concerning 10 hitherto unknown victims. All are scheduled for…
Illuminate breach victims are still first being notified
Spotted today: a notification by the Renton School District in Washington that they notified 20,509 Washington residents on June 17 dues to a breach that sounds like the Illuminate breach (based on the dates reported by Renton): https://agportal-s3bucket.s3.amazonaws.com/databreach/BreachM13493.pdf
Unsurprisingly, hacktivists protest the overturn of a woman’s right to her own body
The announcement appeared on the Telegram channel of a group calling themself “SiegedSec:” TIME FOR SOME 1337 H4CKTIVISM!!! (4 the record, we will still do blackhat stuff 😉 Like many, we are also pro-choice, one shouldn’t be denied access to abortion. As added pressure to the U.S government, we have leaked many internal documents and…
Expensive week for Carnival Corp: a $1.25 million settlement with states over one breach, then a $5 million settlement with New York for violating state cybersecurity regulation
It seems this was the week for following up on Carnival Corporation breaches. Earlier this week, state attorneys general announced a $1.25 million multistate settlement with the cruise line over a 2019 data breach first disclosed in 2020. But there was other news concerning the cruise line this week, too. On Friday, the New York…