Of Note – Page 96 – DataBreaches.Net

In SEC Battle, Covington Ordered to Disclose Names of 7 Clients

Posted on July 25, 2023 by Dissent

Abigail Adcox reports: U.S. District Judge Amit Mehta of the District of Columbia has ruled that Covington & Burling must disclose to the U.S. Securities and Exchange Commission the names of seven clients whose information may have been exposed in a 2020 cyberattack that impacted the firm. “Covington shall produce to the Commission the names…

Umbreon Unplugged: Unraveling the Sequel to Failures

Posted on July 24, 2023June 6, 2025 by Dissent

On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der S. aka “Umbreon.” Umbreon, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltration, extortion, sale of stolen data, and money laundering. At the end of the first article, DataBreaches invited…

Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!

Posted on July 24, 2023 by Dissent

The relaxing Sunday I was looking forward to did not quite work out as planned. Dutch researcher and all-around good-guy Jelle Ursem (aka @SchizoDuckie) got in touch with me about what appeared to him to be a sketchy site allegedly by a well-known prescription management entity. After a few minutes of checking, there was no…

Norwegian ministries hit by cyberattack

Posted on July 24, 2023 by Dissent

The Norwegian Government Security and Service Organisation (DSS) has detected a cyber-attack on the ICT platform used by 12 ministries. The matter is currently being investigated by the police. “We are taking this incident very seriously. The Norwegian Government Security and Service Organisation (DSS) is cooperating closely with the National Security Authority (NSM) and the…

1st Circuit confirms standing for data breach victims

Posted on July 22, 2023 by Dissent

Orrick, Herrington & Sutcliffe LLP write: On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that exposed the personally identifiable information (PII) of over 75,000 patients. The class…

CISA Advisory: Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells

Posted on July 21, 2023 by Dissent

Release Date: July 20 Alert Code: AA23-201A Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Application Delivery Controller (ADC) and NetScaler Gateway. In June 2023, threat actors exploited this vulnerability as…