Patterson-Schwartz & Associates, Inc. (“PSA”) is a real estate firm headquartered in Delaware. In May 2025, they experienced a data breach when two employee email accounts were compromised in phishing attacks on May 14 and May 29. Although PSA responded quickly to secure the compromised accounts and initiate incident response, sending notification letters to those…
Category: Phishing
Journalists going solo on Substack at risk from hackers
Alys Keys reports: Former Buzzfeed journalist Anne Helen Petersen had been putting the final touches on the latest episode of her podcast last month when an email landed in her inbox. It warned of suspicious activity on her Substack account and said her ability to send emails would be frozen until she confirmed she wasn’t a bot….
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm
Wojeski & Company suffered a ransomware attack, and then an insider breach when an employee of a firm hired to investigate the breach inappropriately accessed data. Employees were also transmitting data to external accounts without authorization. To make things even worse, the accounting firm took more than a year to notify those affected. From a…
Microsoft seizes 338 websites to disrupt rapidly growing ‘RaccoonO365’ phishing service
Giles Bruce reports: Microsoft has seized 338 phishing websites associated with a cybercrime service that targeted at least 20 U.S. healthcare organizations. Using a court order granted by the U.S. District Court for the Southern District of New York, the tech giant’s Digital Crimes Unit disrupted RaccoonO365, which offers subscription-based phishing kits allowing novices to mimic official…
Massive NPM Supply Chain Attack Hits Crypto Wallets
Ashutosh reports: The recent npm supply chain breach shows just how fragile open source ecosystems can be when trust in a single maintainer account is abused. Hackers tricked the maintainer of chalk, debug, ansi-styles, and several other popular npm packages with a phishing email disguised as official support. Once they gained access, they pushed malicious…
NYDFS Secures $2 Million Cybersecurity Settlement with Healthplex, Inc.
There is an update to a phishing incident in 2021 that impacted more than 89,000 people with Healthplex dental insurance. DataBreaches notes that the NYDFS settlement announced below is not the first settlement stemming from this incident. In December 2023, the NY Attorney General’s Office announced a $400,000 settlement with Healthplex. Both the 2023 and…