In the past year, we have seen a significant increase in the use of dedicated leak sites where ransomware threat actors post the names of victims and dump some of their data to pressure them to pay demanded ransom. In the U.S., HIPAA gives covered entities no more than 60 days from discovery of a…
Category: Of Note
Trump lawsuit site to report rejected votes leaked voter data
No one could have ever foreseen this happening because nobody ever knew how difficult web site security could be….. Ax Sharma reports: The DontTouchTheGreenButton.com website just launched by the Trump campaign in relation to the recently filed Arizona “rejected votes” lawsuit was discovered to be leaking voter data. The data included the voter name, address, and a unique…
Almost 11 million patients impacted by Blackbaud incident — and still counting
Earlier this week, Marianne Kolbasuk McGee had a follow-up piece on the Blackbaud ransomware incident. As part of her update, she reported that Blackbaud would not provide answers when asked about the number or names of clients involved in the incident who had patient data or medical information of donors involved. McGee notes: A snapshot…
Don ‘t pay ransom on the promise your data will be deleted, because it won’t be — Coveware
In Coveware’s Q3 2020 report, there’s a section on criminals not keeping their word about deleting data if you’ll just pay them their extortion demands (imagine criminals not keeping their word — oh, the shock): PAYING A RANSOM MAY NOT STOP RANSOMWARE GROUPS FROM LEAKING THE EXFILTRATED DATA Coveware feels that we have reached a…
23,600 hacked databases have leaked from a defunct ‘data breach index’ site
Catalin Cimpanu reports: More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels in what threat intel analysts are calling the biggest leak of its kind. The database collection is said to have originated from Cit0Day.in, a private service advertised on hacking forums to other cybercriminals. Read…
June retrial date set for ex-CIA engineer in leak case
The Associated Press reports: The retrial of a former CIA software engineer charged with leaking secrets to WikiLeaks in an espionage case will begin June 7, a judge said Wednesday. U.S. District Judge Paul A. Crotty set the date for Joshua Schulte over the objections of a defense lawyer who said it would be impossible…