On October 6, DataBreaches reported a breach allegedly containing more than 600,000 lines of data on registered voters in D.C., where, according to the threat actors who listed it, each line represented one voter’s records. Although there may have been 600k lines of data as previously reported, the D.C. Board of Elections released a statement…
Category: Of Note
Inmediata settles multi-state litigation for $1.14 million; will improve data security and breach notification practices
Indiana Attorney General Rokita led a coalition of 33 attorneys general in a multi-state investigation and litigation against health care clearinghouse Imnediata stemming from a breach disclosed in 2019. Background In January 2019, HHS OCR alerted Inmediata that protected health information (PHI) maintained by Inmediata was available online and had been indexed by search engines….
Equifax’s U.K. Arm Fined Over 2017 Data Breach
Margot Patrick reports: Equifax’s (EFX) U.K. arm was fined around $13.6 million Friday for failing to protect the data of millions of British customers in a 2017 hack of the credit-reporting company. The British arm outsourced customer-data processing to the U.S., and then failed to manage or monitor data security, the Financial Conduct Authority said. Read…
FBI and CISA Release Update on AvosLocker Advisory
The AvosLocker ransomware leak site has not been seen for months, but the government is providing an update on them based on its investigations as recently as May 2023. In May, DataBreaches reported on the Bluefield College breach by an affiliate of Avos. Because AvosLocker is RaaS, it’s possible that it is still active but…
The largest cyberattack of its kind recently happened. Here’s how.
Tim Starks writes: A trio of internet giants revealed on Tuesday that they had fought off an “unprecedented” distributed denial-of-service (DDoS) attack — used to disrupt the availability of systems like websites and services — that registered as the biggest on record, by far. Cloudflare, Google and Amazon Web Services (AWS) said the attack relied…
Passwordless by default: Make the switch to passkeys
From Google: Earlier this year we rolled out support for passkeys, a simpler and more secure way to sign into your accounts online. We’ve received really positive feedback from our users, so today we’re making passkeys even more accessible by offering them as the default option across personal Google Accounts. This means the next time you…