The HHS Cybersecurity Program has issued a new brief this week: Log4J Vulnerabilities and the Health Sector You can access it at https://www.hhs.gov/sites/default/files/log4j-vulnerabilities-health-sector.pdf
Category: Of Note
If you are the threat actor(s) responsible for a Swiss contractor attack, please read this
If anyone knows anything about the attack described below, please contact me via Signal or via email (see the Contact page for both). You can also reach me on Telegram @DissentDoe. And if you are the threat actor and are willing to delete/purge the data, please get in touch. Catalin Cimpanu made me aware of…
A data breach that put 688,000 patients at risk just became … even worse
Q: What’s worse than a really bad data breach involving patient and employee data? A: A really bad data breach where the data gets leaked on the internet for everyone to grab for free. In June 2021, DataBreaches.net reached out to Sea Mar Community Health Centers in Washington to alert them to what appeared to…
Unhappy New Year for cybercriminals as VPNLab.net goes offline
Do threat actors feel like walls are closing in on them? They might well be feeling that way — or maybe they should be feeling that way. From Europol, today: This week, law enforcement authorities took action against the criminal misuse of VPN services as they targeted the users and infrastructure of VPNLab.net. The VPN…
South Australian gov issues breach notice to hacked payroll provider
Justin Hendry reports: Payroll software provider Frontier Systems has been issued with a breach of contract notice over a ransomware attack that saw the personal details of 80,000 South Australian public servants stolen. Department of Treasury and Finance chief David Reynolds revealed the the action after it emerged government data had been stolen directly from…
Polish DPA imposes a fine on Warsaw University of Technology for not complying with its obligation
Background information Date of final decision: 9 December 2021 National case Controller: Warsaw University of Technology Legal Reference: Principles (Art. 5(1)(f), Art. 5(2)), Data protection by design and by default (Art. 25(1)), Security of processing (Art. 32(1), Art. 32(2)) Decision: infringement of GDPR, fine issued Key words: principles, processing, security, data protection Summary of…