Update: This incident was reported to HHS as affecting 1,362,470 patients. The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the…
Category: Hack
North Korean hackers targeting JumpCloud mistakenly exposed their IP addresses, researchers say
Zack Whittaker reports: Security researchers say they have high confidence that North Korean hackers were behind a recent intrusion at enterprise software company JumpCloud because of a mistake the hackers made. Mandiant, which is assisting one of JumpCloud’s affected customers, attributed the breach to hackers working for North Korea’s Reconnaissance General Bureau, or RGB, a hacking unit…
Umbreon Unplugged: Unraveling the Sequel to Failures
On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der Stap, aka “Umbreon.” Van der Stap, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltration, extortion, sale of stolen data, and money laundering. At the end of the first article,…
More plastic surgery patients have their nude photos and information leaked
An unknown party or parties who created a leak site with nude photos and medical records of a well-known plastic surgeon’s patients have uploaded more of his patients’ photos and records. In what was their third update to the leak site since June 5, those responsible wrote that they have changed their strategy. Before publishing…
Norwegian ministries hit by cyberattack
The Norwegian Government Security and Service Organisation (DSS) has detected a cyber-attack on the ICT platform used by 12 ministries. The matter is currently being investigated by the police. “We are taking this incident very seriously. The Norwegian Government Security and Service Organisation (DSS) is cooperating closely with the National Security Authority (NSM) and the…
Buckingham County Public Schools notifies 86 students after a business email account was compromised
Buckingham County Public Schools in Virginia has sent notifications to parents of 86 students after a compromise of a district’s business email account. The incident occurred on June 20. Information in the email account included the student’s name “coupled with a limited amount of health or medical diagnostic and treatment information, and/or address. Examples typical…