Connor Jones reports: Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL)….
Category: Hack
Kelly Benefits updates its 2024 data breach report: impacts 550,000 customers
Bill Toulas reports: Kelly & Associates Insurance Group (dba Kelly Benefits) is informing more than half a million people of a data breach that compromised their personal information. The Maryland-based health and life insurance agency has issued an update on a security incident it suffered last year between December 12-17, when unauthorized actors breached its IT…
Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024 (1)
Texas Centers for Infectious Disease Associates (TCIDA) has now issued a press release and sent notification letters to patients affected by an attack they first discovered last July. According to their notice, on July 19, 2024, they learned of unusual activity in their network. Their investigation determined that an unauthorized individual may have accessed or…
Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
Leela Stockley reports that a data security incident at a Northern Light Health vendor may have compromised some patients’ information. The vendor, Compumedics, provides sleep disorder diagnostic services for health system patients seen at Northern Light Eastern Maine Medical Center, Northern Light AR Gould, and Northern Light Sebasticook Valley Hospital. No report has appeared yet…
Breaches have consequences (sometimes) (1)
Connor Smith reports: Six months after a massive data breach that impacted students, families and school staff around the country – including each school district in Southeastern North Carolina – the North Carolina Department of Public Instruction (NCDPI) has renewed part of its contract with the company at the center of the breach. On Monday,…
Kansas City Man Pleads Guilty for Hacking a Non-Profit
There’s an update to a case reported previously on this site. From the U.S. Attorney’s Office for the Western District of Missouri: KANSAS CITY, Mo. – A Kansas City, Mo., man has pleaded guilty for hacking into the computer system at an area nonprofit. Nicholas Michael Kloster, 32, admitted during his plea that he caused…