DataBreaches suspects that most readers would agree that getting hit by a ransomware gang qualifies your day as a very bad day. But how about getting hit by two different ransomware gangs on the same day? VSS Medical Technology and one of their companies, Sigmund Software, had what sounds like a terrible, horrible, no good,…
Category: Of Note
Fired Uber attorney testifies against ex-security chief in trial over 2016 data breach cover-up
Maria Dinzeo reports: A onetime attorney for Uber who was fired for his role in a suspected coverup of a major 2016 data breach took the stand in the criminal criminal obstruction trial of his former boss on Wednesday, testifying that ex-security chief Joe Sullivan was responsible for changes to a nondisclosure agreement with two…
The Great Resignation linked to a great data theft
Ian Barker reports: We’ve all heard of the Great Resignation, a pandemic-driven shift in people’s work preferences. But new research from Cyberhaven suggests that this has gone hand-in-hand with a huge stealing of data. Based on anonymized details from over 1.4 million workers and spanning 360,000 data exfiltration incidents and a broad sample of companies, including…
Breach of software maker used to backdoor ecommerce servers
Dan Goodin reports: FishPig, a UK-based maker of e-commerce software used by as many as 200,000 websites, is urging customers to reinstall or update all existing program extensions after discovering a security breach of its distribution server that allowed criminals to surreptitiously backdoor customer systems. The unknown threat actors used their control of FishPig’s systems…
Federal Court holds nonprofit health center is immune from data breach class action
Daniel Rockey of Bryan Cave Leighton Paisner writes: In a case of first impression, the United States District Court for the Southern District of California granted the motion of Defendant Neighborhood Healthcare seeking order compelling the United States to defend a putative class action lawsuit alleging that Neighborhood failed to ensure the confidentiality of her…
Twitter’s cybersecurity flaws pose national security risk, whistleblower tells Congress
Kelsey Reichmann reports: Cybersecurity failures at Twitter are endangering users’ data and putting national security at risk, the company’s former security chief, Peiter “Mudge” Zatko, told lawmakers at a hearing on Tuesday. Zatko appeared before the Senate Judiciary Committee to testify about allegations he made against the social media giant earlier this year. In reports…