WCVB reports: Hackers sponsored by the Iranian government tried to get into the computer systems of Boston Children’s Hospital last year; however, they were stopped with the help of the Boston Division of the FBI, officials announced Wednesday. […] In the summer of 2021, the FBI said officials received a report from another intelligence agency…
Category: Hack
Today’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon identified a cyber incident that, upon investigation, impacted a limited number of systems. Once the incident was discovered, Aon immediately retained leading cybersecurity firms to assist…
Jailed Israeli private detective hired Indian hackers in job for Russian oligarchs: Court filing
TheWeek reports: An Israeli private investigator, currently awaiting his sentence in the US, used Indian hackers to conduct surveillance operations for ultra-wealthy Russians, according to a Reuters report. Reuters reported last year that Israeli private detective Aviram Azari was accused of hiring the Indian hacking firm BellTroX on behalf of powerful clients. Independent journalist Scott…
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
Pierluigi Paganini reports: GitHub provided additional details about the incident that suffered in April, the attackers were able to steal nearly 100K NPM users’ credentials. In April, GitHub uncovered threat actors using stolen OAuth user tokens to gain access to their repositories and download private data from several organizations. […] The threat actors allegedly obtained the…
Data breach class actions: Southern District of New York dismisses action against health care providers for lack of standing
James Bogan III of Kilpatrick Townsend & Stockton LLP writes: Takeaway: In a prior article, we reported on the Second Circuit’s decision in McMorris v. Carlos Lopez & Associates, LLC, 995 F.3d 295 (2d Cir. 2021), in which the court, ruling on an issue of first impression, set out a non-exhaustive three-factor test for determining…
Ambulance billing service and two health systems report breaches involving protected health information
Comstar LLC Ambulance billing service Comstar LLC in Massachusetts is notifying an as-yet undisclosed number of people following a data security breach of their systems that was detected on March 26, 2022. It is not clear from their notice whether those being notified are all patients who used their service, or if there are also…