The California Department of Corrections and Rehabilitation (CDCR) issued a breach notification this week. Because the notification mentions COVID-19 testing, at first, DataBreaches thought it was the incident CDCR had disclosed last month, but no, it turns out that that was a different incident. The newly revealed breach affects staff, visitors, and others tested for…
Category: Hack
‘I went to prison for the £77m TalkTalk hacking. I could be sent back for ordering a McDonalds’
Nicholas Fearn reports: As one of Britain’s most notorious cyber criminals, Daniel Kelley played a leading role in the 2015 TalkTalk data breach. The hack was catastrophic for the telecoms firm, resulting in a financial loss of £77 million (€90.7 million) and the stolen data of over 150,000 customers. Kelley would go on to spend…
How many breaches has Overlake Medical Center & Clinics experienced in the past few years?
In February 2020, Overlake Medical Center and Clinics in Washington State reported a phishing incident in December 2019. More than 109,200 patients were reportedly affected. HHS investigated the incident and wrote a closing note in the file: Overlake Medical Center and Clinics, the covered entity (CE), reported that multiple employees were the victims of an…
Hackers are using cookies to sidestep two-factor authentication
Fionna Agomuah reports: “Cookie stealing” is among the latest trends in cybercrimes that hackers are using to bypass credentials and access private databases, according to Sophos. Typical security advice for organizations has been to move their most sensitive information to cloud services or to use multifactor authentication (MFA) as a safety means. However, bad actors…
SFERRA Fine Linens notifying individuals of breach
What we know so far: On or about April 24, 2022, SFERRA became aware of suspicious activity on its computer servers. The investigation found that certain files may have been subject to unauthorized access between April 14, 2022, and April 24, 2022. The impacted information varied by individual but may include name, address, date of birth,…
Brazilian police launch investigation targeting Lapsus$ group
Andrea Peterson reports: Brazil’s Federal Police carried out eight search and seizure warrants Tuesday as part of an investigation into attacks claimed by the Lapsus$ Group that disrupted the country’s Ministry of Health last December, the agency announced in a press release. Police did not specifically name Lapsus$ Group in the announcement. However, the details described…