From AdvIntel: Executive Summary Background: “Achilles” is an English-speaking threat actor primarily operating on various English-language underground hacking forums as well as through secure messengers. Achilles specializes in obtaining accesses to high-value corporate internal networks. Verticals: Achilles victims are primarily private sector entities; however, the actor also targeted public domains, government-affiliated companies, and international organizations….
Category: Of Note
Sock company Bombas fined by NYS for delayed notification of data breach
There’s a follow-up to the Bombas breach that was previously reported on this site. Laura Italiano reports: Sock-maker Bombas has settled the most uncomfortable data-breach probe in the history of feet. New York Attorney General Letitia James on Thursday announced that Bombas LLC — whose ads call their products “the most comfortable socks in the…
Cathay Data Breach Incident – Personal Data Security & Retention Principles Contravened – Lax Data Governance
The following is the media statement from the Privacy Commissioner’s Office following the conclusion of their investigation into the 2018 Cathay Pacific Airways breach. You can download their investigative report from their site here (pdf). The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner) Mr Stephen Kai-yi WONG today published an investigation report on…
Kansas hospital pays $250K to settle charges it falsified EHR security risk assessment
Nathan Eddy reports: Coffey Health System, a 25-bed critical access hospital in Kansas, has agreed to pay a $250,000 settlement for alleged False Claims Act violations related to its meaningful use attestation. Specifically, the U.S. Department of Justice charged that the hospital falsely attested that it had conducted the necessary security assessment to comply with…
Unsurprisingly, big numbers from the AMCA breach are starting to be revealed
On May 10, when DataBreaches.net first reported that the American Medical Collection Agency had been breached, we reported that information from 200,000 payment cards had been found for sale on a top-tier market by Gemini Advisory analysts, whose investigation linked those cards to AMCA. At the time, we did not know how many other payment…
Premera Reaches Proposed $74M Settlement Over 2014 Breach of 11M
Jessica Davis reports: Premera Blue Cross reached a proposed $74 million settlement with the 11 million patients impacted by its 2014 breach, caused by a sophisticated cyberattack that lasted for nearly one year before it was discovered. In January 2015, Premera officials discovered the breach that began nearly a year earlier in May 2014. Premera, Premera…