Rosalind Ang reports: There has been a leak of OG department store customers’ personal data such as names, mobile numbers and dates of birth, said the retailer on Thursday (Jan 6). In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either…
Category: Hack
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
A hack and extortion attempt involving the psychotherapy center in Vastaamo, Finland was — and remains — one of the worst breaches ever covered on PogoWasRight.org and DataBreaches.net because it involved the sensitive mental health information of tens of thousands of patients and a coverup by an executive of the clinic. Now EDPB has posted…
New York Attorney General James Alerts 17 Companies to “Credential Stuffing” Cyberattacks Impacting More Than 1.1 Million Consumers
NEW YORK – New York Attorney General Letitia James today announced the results of a sweeping investigation into “credential stuffing” that discovered more than 1.1 million online accounts compromised in cyberattacks at 17 well-known companies. Attorney General James released a “Business Guide for Credential Stuffing Attacks” that details the attacks — which involve repeated, automated attempts to access online…
Out with the old, in with the new? Saltzer Health, Broward Health report data breaches impacting protected health information
Saltzer Health, Idaho As 2021 wound down, Saltzer Health in Idaho reported a breach it had discovered on June 1. According to their notification, an employee’s email account had been compromised. Investigation showed the access began on May 25. On December 29, Saltzer issued a notice that disclosed the incident and reported that the types…
Portuguese newspaper is hacked by group that attacked Ministry of Health
Abhishek Pratap reports: The Portuguese newspaper Expresso was attacked by hackers at dawn this Sunday, 2. Those responsible for the invasion are the Lapsus Group, the same team that shut down the Ministry of Health’s systems last December. The newspaper’s website displays a page similar to the one shown in the attack on the Brazilian government agency….
UVA Health notified patients after Ciox Health data breach (updated)
Someone on Twitter asked me what the first breach of 2022 would be. The following public notice is not the first breach of 2022. It is a 2021 breach that just showed up after midnight in my news search this morning. And because it involves a third-party breach, we may see other covered entities affected,…